Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, with the help of syzbot, identified an error in the aqc111 driver. This error was caused by incomplete sanitization of the results of usbnet read calls. This...

SUSE CVE-2026-23446

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpmresume" This is caused by aqc111suspend calling the PM variant of its writecmd routine. The simplified call trace looks like this:...

CVE-2026-23446

A flaw was found in the Linux kernel's aqc111 USB network driver. When the aqc111suspend function is called, it incorrectly attempts to perform Power Management PM operations. This leads to a situation where a task hangs, preventing other critical networking operations and causing a Denial of...

CVE-2026-23446

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpmresume" This is caused by aqc111suspend calling the PM variant of its writecmd routine. The simplified call trace looks like this:...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38153)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38153 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989129 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989709)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989709 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0...

net: usb: aqc111: fix error handling of usbnet read calls

...

Linux Distros Unpatched Vulnerability : CVE-2025-38153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete...

SUSE CVE-2025-38153

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...

AZL-64544 CVE-2025-38153 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...

DEBIAN-CVE-2025-38153

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...

UBUNTU-CVE-2025-38153

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...

CVE-2025-38153 net: usb: aqc111: fix error handling of usbnet read calls

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...

CVE-2025-38153

CVE-2025-38153 (Linux kernel) is documented in connected sources as a vulnerability in the aqc111 USB network driver. The issue arises from incomplete sanitation of usbnet read results, where usbnet_read_cmd() may return fewer bytes than expected and aqc111_read_cmd() may not validate the result,...

PT-2025-27738

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, related to the aqc111 driver. The issue arises from incomplete sanitation of USB read calls' results, which can lead to the MAC...

SUSE CVE-2022-49051

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...

UBUNTU-CVE-2023-52655

In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeofu64 the value passed to skbtrim as length will wrap around ending up as some very large value. The driver will then proce...

CVE-2023-52655

The CVE-2023-52655 issue affects the Linux kernel usb aqc111 driver. Root cause: when a device sends a packet with a length between 0 and sizeof(u64), the length passed to skb_trim() wraps to a very large value due to an incorrect check against 0. The driver currently validates against 0 instead ...