68 matches found
CVE-2026-23320
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: align netdevice lifecycle with bind/unbind Currently, the netdevice is allocated in ncmallocinst and freed in ncmfreeinst. This ties the network interface's lifetime to the configuration instance rather than th...
CVE-2026-23320
CVE-2026-23320 concerns the Linux kernel USB gadget f_ncm driver. The root cause is that the net_device was allocated in ncm_alloc_inst() and freed in ncm_free_inst(), tying the interface lifetime to the configuration instance rather than the USB connection, which can cause the network interface ...
CVE-2026-23320
Removed by vendor...
CVE-2026-23320 usb: gadget: f_ncm: align net_device lifecycle with bind/unbind
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: align netdevice lifecycle with bind/unbind Currently, the netdevice is allocated in ncmallocinst and freed in ncmfreeinst. This ties the network interface's lifetime to the configuration instance rather than th...
PT-2026-27685
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f ncm: align net device lifecycle with bind/unbind Currently, the net device is allocated in ncm alloc inst and freed in ncm free inst. This ties the network interface's lifetime to the configuration instance rather...
Linux Distros Unpatched Vulnerability : CVE-2026-23320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fncm: align netdevice lifecycle with bind/unbind Currently, the netdevice is allocated in ncmallocinst and freed in ncmfreeinst. This ties the...
CVE-2025-40316
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix device use-after-free on unbind A recent change fixed device reference leaks when looking up drm platform device driver data during bind but failed to remove a partial fix which had been added by commit...
CVE-2025-40316
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix device use-after-free on unbind A recent change fixed device reference leaks when looking up drm platform device driver data during bind but failed to remove a partial fix which had been added by commit...
CVE-2025-40316
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix device use-after-free on unbind A recent change fixed device reference leaks when looking up drm platform device driver data during bind but failed to remove a partial fix which had been added by commit...
SUSE CVE-2025-40120
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...
CVE-2025-40120
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...
EUVD-2025-124963
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...
UBUNTU-CVE-2025-40120
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...
CVE-2025-40120 net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...
CVE-2025-40092
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
UBUNTU-CVE-2025-40094
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-40095
The CVE-2025-40095 entry concerns the Linux kernel USB gadget f_rndis driver. After a bind/unbind cycle, rndis->notify_req may remain stale; if a subsequent bind fails, the unified error path attempts to free this stale request, causing a NULL pointer dereference when ep->ops->free_reque...
Linux Distros Unpatched Vulnerability : CVE-2025-40092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error lab...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from rndis-notifyreq becoming stale after a bind-unbind loop, which could lead to a null pointer dereference...
PT-2025-44384
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to USB gadget functionality, specifically within the f acm module. A NULL pointer dereference can occur after a bind/unbind cycle, potentially...