Lucene search
K

33 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between itself...

7.8CVSS6.6AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if the client driver is available. For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if the client driver is available. Otherwise, it will result in a null...

5.2AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock. There are multiple places where the recovery work is scheduled asynchronously. Additionally, there are multiple places where the caller waits synchronously fo...

5.5CVSS6.2AI score0.00144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop the channel lock before queuing buffers. Ensure that read and write locks for the channel are not acquired consecutively by dropping the read lock from parsexferevent. This allows a callback provided to the...

5.5CVSS6AI score0.00209EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host – Added an alignment check for the event ring read pointer. Although we check the event ring read pointer using “isvalidringptr” to ensure it is within the buffer range, there is another risk that the pointer might...

7.8CVSS5.6AI score0.00279EPSS
Exploits0References2
OSV
OSV
added 2026/02/16 10:56 a.m.12 views

CLSA-2026-1771239384 kernel: Fix of 75 CVEs

net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 - NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 - scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow CVE-2023-53676 - KVM: x86: use arrayindexnospec with indices that come from...

7.8CVSS7AI score0.00517EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38429)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38429 advisory. - In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Update read pointer only...

5.5CVSS5.6AI score0.00155EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-54249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if...

5.3AI score0.00166EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/12/31 12:27 a.m.3 views

SUSE CVE-2023-54249

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...

6.5AI score0.00166EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.5 views

CVE-2023-54249

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...

5.7AI score0.00166EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988924)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988924 advisory. In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID...

7.8CVSS5.5AI score0.00231EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-53598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBO...

5.5CVSS6.2AI score0.00137EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-28923

Malicious code in bioql PyPI...

6.3AI score0.00143EPSS
Exploits0References7
NVD
NVD
added 2025/09/11 5:15 p.m.5 views

CVE-2025-39790

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between it and...

7.8CVSS0.00143EPSS
Exploits0References8
OSV
OSV
added 2025/09/11 5:15 p.m.2 views

DEBIAN-CVE-2025-39790

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between it and...

7.8CVSS6.4AI score0.00143EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 5:15 p.m.5 views

UBUNTU-CVE-2025-39790

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between it and...

7.8CVSS6.7AI score0.00143EPSS
Exploits0References34
CVE
CVE
added 2025/09/11 4:56 p.m.26 views

CVE-2025-39790

CVE-2025-39790 : In the Linux kernel, the bus: mhi: host implementation could mis-handle completion events when a device points a TRE pointer ahead of the host’s ring read pointer, enabling a window where a stale TRE is read and its buffer freed twice. The published description documents that thi...

7.8CVSS6.2AI score0.00143EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2025/09/11 4:56 p.m.10 views

CVE-2025-39790 bus: mhi: host: Detect events pointing to unexpected TREs

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between it and...

0.00143EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-47286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channe...

7.8CVSS5.3AI score0.00231EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/29 11:23 p.m.3 views

SUSE CVE-2025-38429

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Update read pointer only after buffer is written Inside mhiepringaddelement, the read pointer rdoffset is updated before the buffer is written, potentially causing race conditions where the host sees an updated read...

5.8CVSS6.6AI score0.00155EPSS
Exploits0References22
Rows per page
Query Builder