40 matches found
CVE-2026-10668
The Nuvoton NuMaker HSUSBD USB device-controller driver drivers/usb/udc/udcnumaker.c armed the control Data IN stage unconditionally base-CEPTXCNT = len in numakerhsusbdeptrigger. Because the HSUSBD hardware cannot disarm a control Data IN already armed for a previous transfer, a USB host that...
CVE-2026-53283
A flaw was found in the Linux kernel's AMD IOMMU Input/Output Memory Management Unit driver. A local attacker or a specially configured PCI device could trigger an out-of-bounds read in the rlookupamdiommu function. This vulnerability occurs when a PCI device's Bus Device Function BDF is not...
CVE-2026-53324
CVE-2026-53324 is addressed in the Linux kernel’s net: mana path. The fix replaces per-device debugfs directory naming that previously used a hardcoded "0" for PFs and pci_slot_name(pdev->slot) for VFs with pci_name(pdev), which yields the unique BDF address. This eliminates two issues: (1) po...
CVE-2026-43375
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
CVE-2026-43375 net: mctp: fix device leak on probe failure
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
Linux Distros Unpatched Vulnerability : CVE-2026-43147
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV This reverts commit 05703271c3cd PCI/IOV: Add PCI rescan-remove locking when...
CVE-2026-43015
The CVE-2026-43015 issue is in the Linux kernel macb PCI glue driver where clk handling during platform_device_unregister() can be used after the device is unregistered. The root cause is that platform_device_unregister may still use registered clks during a runtime resume callback, leading to a ...
EUVD-2026-26510
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011037)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011037 advisory. In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fix error handing in chameleonparsegdd If mcbdeviceregister returns error in...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003721)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003721 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004283)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004283 advisory. In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003891)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003891 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003719)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003719 advisory. An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003736)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003736 advisory. An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb....
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004776)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004776 advisory. An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004135)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004135 advisory. In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001281)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001281 advisory. The usbnetgenericcdcbind function in drivers/net/usb/cdcether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003409)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003409 advisory. drivers/net/usb/asixdevices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possib...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001648)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001648 advisory. The parsehidreportdescriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service out-of-bounds...