SUSE CVE-2026-45911

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...

CVE-2026-45911

The CVE-2026-45911 issue affects the Linux kernel’s usb: cdns3 driver. When a role switch occurs during suspend/resume, the host mode path can dereference an unprobed xhci-hcd device during resume, leading to a NULL pointer dereference. The described fix skips the resume operation for the new rol...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992790 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixe...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992657)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992657 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixe...

EUVD-2023-59902

Malicious code in bioql PyPI...

EUVD-2025-13977

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-53287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations...

SUSE CVE-2023-53287

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pmruntimesetactive will resume suppliers, put set active...

CVE-2023-53287 usb: cdns3: Put the cdns set active part outside the spin lock

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pmruntimesetactive will resume suppliers, put set active...

Linux Distros Unpatched Vulnerability : CVE-2025-37812

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 usb: cdnsp: Fix deadlock issu...

SUSE CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

DEBIAN-CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

CVE-2022-50034

CVE-2022-50034 affects the Linux kernel USB cdns3 gadget workaround 2. A use-after-free occurs in cdns3_wa2_remove_old_request when priv_req->request.buf is freed before the list node is removed with list_del_init(), leaving a dangling pointer in the list. The patch reorders the sequence, movi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a random warning message that may be generated when the usb cdns3 driver is loaded...

kernel: Linux kernel: Denial of Service in the cdns3 USB driver due to improper spin lock handling

A flaw was found in the Linux kernel's cdns3 USB driver. During the device resume process, the pmruntimesetactive function was incorrectly called from within a spin lock, which is an atomic operation. This improper handling can lead to a system crash, resulting in a Denial of Service DoS. A local...

SUSE CVE-2025-37812

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 "usb: cdnsp: Fix deadlock issue during using NCM gadget". Under PREEMPTRT the deadlock can be...

UBUNTU-CVE-2025-37812

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 "usb: cdnsp: Fix deadlock issue during using NCM gadget". Under PREEMPTRT the deadlock can be...

CVE-2025-37812 usb: cdns3: Fix deadlock when using NCM gadget

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 "usb: cdnsp: Fix deadlock issue during using NCM gadget". Under PREEMPTRT the deadlock can be...

CVE-2025-37812

CVE-2025-37812 concerns the Linux kernel cdns3 driver: a deadlock in NCM gadget usage can occur under PREEMPT_RT when heavy network traffic triggers the threaded interrupt handler to be preempted by softirq. The root cause is protection by the same spinlock shared by the threaded IRQ and softirq....