CVE-2026-45911 usb: cdns3: fix role switching during resume

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...

ROS-20260119-7329

A vulnerability in the ufsbsgremove function of the drivers/ufs/core/ufsbsg.c module of the Linux kernel's UFS Universal Flash Storage host controller support is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentialit...

Unity Linux 20.1060e Security Update: kernel (UTSA-2026-004778)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004778 advisory. The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker...

EUVD-2020-18301

Malware in sbrugna...

EUVD-2022-42941

Malicious code in bioql PyPI...

UBUNTU-CVE-2022-50153

In the Linux kernel, the following vulnerability has been resolved: usb: host: Fix refcount leak in ehcihcdppcofprobe offindcompatiblenode returns a node pointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid refcount leak...

USN-7387-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

DEBIAN-CVE-2022-49713

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix memory leak in dwc2hcdinit usbcreatehcd will alloc memory for hcd, and we should call usbputhcd to free it when platformgetresource fails to prevent memory leak. goto error2 label instead error1 to fix this...

xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration

...

CVE-2024-43876 PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup()

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN to devwarnratelimited in rcarpciewakeup Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is in need of maintenance, or t...

CVE-2024-42249

In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spiasync Calling spimaybeunoptimizemessage in spiasync is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the...

CVE-2024-42249 spi: don't unoptimize message in spi_async()

In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spiasync Calling spimaybeunoptimizemessage in spiasync is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the...

CVE-2024-42249 spi: don't unoptimize message in spi_async()

In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spiasync Calling spimaybeunoptimizemessage in spiasync is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the...

CVE-2023-52492 dmaengine: fix NULL pointer in channel unregistration function

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function dmaasyncdevicechannelregister can fail. In case of failure, chan-local is freed with freepercpu, and chan-local is nullified. When dmaasyncdeviceunregister is called...

kernel: Linux kernel: Denial of Service due to deadlock in Universal Flash Storage driver

A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a deadlock vulnerability in the Universal Flash Storage UFS host controller driver ufshcd. This occurs when the error handler and a Command Queue CQ event interrupt attempt to acquire the same lock...

USN-6397-1: Linux kernel (BlueField) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3683-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3683-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. Th...

Design/Logic Flaw

A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usbgivebackurb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descripto...

CVE-2023-4010

A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usbgivebackurb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descripto...

CVE-2023-4010

CVE-2023-4010 reports a denial-of-service in the Linux kernel USB Host Controller Driver (framework) specifically in usb_giveback_urb. The description indicates a logic error in the goto-condition can cause the function to loop indefinitely when presented with a malformed descriptor, leading to D...