134 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget In the cdnspgadgetinit and cdnspgadgetexit functions, the gadget structure pdev-gadget was freed before its endpoints. The endpoints are...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix for a random warning message when loading drivers Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing it up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...
Linux Distros Unpatched Vulnerability : CVE-2026-45911
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However,...
SUSE CVE-2026-45911
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
EUVD-2026-32377
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
CVE-2026-45911
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
UBUNTU-CVE-2026-45911
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
CVE-2026-45911
CVE-2026-45911 affects the Linux kernel USB3 (cdns3) driver. When a USB role switch to host occurs during resume, the host path can dereference an uninitialized xhci-hcd device, causing a NULL pointer dereference. The fixed behavior is to skip the resume operation for the newly chosen role if a r...
CVE-2026-45911
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
CVE-2026-45911
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises from the cdns3 USB driver’s role switching during recovery. During this process, the resume...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of ‘privep’ assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If ‘ep’ is NULL, the result of eptocdns3epep is an invalid pointer. Dereferencing ‘privep-cdns3dev’ with this pointer may cause a panic...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: The part of the cdns set that activates the state should be placed outside the spin lock. The device may be scheduled during the resume process; therefore, this issue cannot occur in atomic operations. Since...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: usb: cdns3 – Fix for use-after-free at workaround 2 BUG: KFENCE – Use-after-free during read operation in listdelentryvalid+0x10/0xac The code snippet is as follows: c cdns3wa2removeoldrequest … kfreeprivreq-request.buf;...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: usb: cdns3: Fixed a memory double-free issue when handling zero-length packets. 829: If request-complete, then: 830 spinunlock&privdev-lock; 831 usbgadgetgivebackrequest&privep-endpoint, 832 request; 833 spinlock&privdev-lock;...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: usb: cdns3: fixed memory usage after freeing variables at cdns3gadgetepdisable … cdns3gadgetepfreerequest&privep-endpoint, &privreq-request; listdelinit&privreq-list; ‘privreq’ is actually freed after cdns3gadgetepfreerequest...
SUSE CVE-2026-31755
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: fix NULL pointer dereference in epqueue When the gadget endpoint is disabled or not yet configured, the ep-desc pointer can be NULL. This leads to a NULL pointer dereference when cdns3gadgetepqueue is called,...
Linux Distros Unpatched Vulnerability : CVE-2026-31754
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: gadget: fix state inconsistency on gadget init failure When cdns3gadgetstart fails, the DRD hardware is left in gadget mode while software state...
Linux Distros Unpatched Vulnerability : CVE-2026-31755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: gadget: fix NULL pointer dereference in epqueue When the gadget endpoint is disabled or not yet configured, the ep-desc pointer can be NULL. This...
CVE-2026-31755
A flaw was found in the Linux kernel's cdns3 USB gadget driver. When a gadget endpoint is disabled or not yet configured, a NULL pointer dereference can occur in the epqueue function. This can lead to a kernel crash, resulting in a denial of service DoS on the affected system...