Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem with the udlfb driver, caused by an endpoint that does not have the expected type. usb 1-1: Failed to read the EDID byte 0; result: -71. usb 1-1: Unable to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000832)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000832 advisory. The clie5attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service NULL...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002241)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002241 advisory. The clie5attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service NULL...

CVE-2023-54277

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

SUSE CVE-2023-54277

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

EUVD-2023-60527

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

CVE-2023-54277

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

UBUNTU-CVE-2023-54277

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

CVE-2023-54277 fbdev: udlfb: Fix endpoint check

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

CVE-2023-54277

The CVE-2023-54277 entry concerns the Linux kernel udlfb fbdev driver. The root cause described in the provided sources is an endpoint type check failure for a USB bulk-OUT endpoint, leading to issues when the endpoint is not of the expected type (e.g., EDID reads failing and “BOGUS urb xfer” mes...

CVE-2023-54277 fbdev: udlfb: Fix endpoint check

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

PT-2025-54106

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc1-syzkaller-00016-ga4422ff22142 Description The udlfb driver in the Linux kernel has an issue where it does not properly validate the endpoint type. Specifically, the driver only checks for the existence ...

DEBIAN-CVE-2025-38474

In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission...

PT-2025-31071

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel driver does not properly validate the presence of an interrupt input endpoint when checking for three endpoints, bulk in, and bulk out endpoints. This omission could lea...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Char: xillybus: Check USB endpoints when probing the device Ensure that, as the driver probes the device, all endpoints that the driver may attempt to access exist and are of the correct type. All XillyUSB devices must have a Bul...

SUSE CVE-2024-45011

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Check USB endpoints when probing device Ensure, as the driver probes the device, that all endpoints that the driver may attempt to access exist and are of the correct type. All XillyUSB devices must have a Bulk IN...

AZL-49254 CVE-2024-45011 affecting package kernel for versions less than 6.6.51.1-1

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Check USB endpoints when probing device Ensure, as the driver probes the device, that all endpoints that the driver may attempt to access exist and are of the correct type. All XillyUSB devices must have a Bulk IN...

AZL-49203 CVE-2024-45011 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Check USB endpoints when probing device Ensure, as the driver probes the device, that all endpoints that the driver may attempt to access exist and are of the correct type. All XillyUSB devices must have a Bulk IN...

CVE-2024-45011 char: xillybus: Check USB endpoints when probing device

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Check USB endpoints when probing device Ensure, as the driver probes the device, that all endpoints that the driver may attempt to access exist and are of the correct type. All XillyUSB devices must have a Bulk IN...

SUSE CVE-2015-7566

The clie5attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint...