CVE-2026-43427

A flaw was found in the Linux kernel's USB CDC WDM driver. Due to compiler optimizations or CPU out-of-order execution, a memory reordering issue can occur during the read operation. This can lead to the driver accessing uninitialized memory, potentially resulting in information disclosure to a...

EUVD-2026-28733

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

UBUNTU-CVE-2026-23448

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP16 nframes bounds check cdcncmrxverifyndp16 validates that the NDP header and its DPE entries fit within the skb. The first check correctly accounts for ndpoffset: if ndpoffset + sizeofstruct...

DEBIAN-CVE-2024-40904

In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate resubmission of interru...