CVE-2026-43250

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007463)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007463 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from...

CVE-2019-25285

Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...

EUVD-2019-19385

Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...

CVE-2019-25285

Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...

PT-2026-5812

Name of the Vulnerable Software and Affected Versions Alps Pointing-device Controller version 8.1202.1711.04 Description The Alps Pointing-device Controller version 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService. This allows local attackers to execute co...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46836)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46836 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeedudc: validate endpoin...

usb: gadget: udc: fix use-after-free in usb_gadget_state_work

...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-404116)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-404116 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The dwc3request-numqueuedsgs is decremented o...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986977)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986977 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc-dev.driver The syzbot fuzzer found a...

EUVD-2022-55225

Malicious code in bioql PyPI...

UBUNTU-CVE-2023-53418

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...

CVE-2023-53407

CVE-2023-53407 refers to a Linux kernel issue in USB gadget support for pxa27x_udc where memory leaks occur if debugfs_lookup() results are not released (dput). The resolution, as described in multiple sources, is to call debugfs_lookup_and_remove() which handles the lookup and cleanup in one ste...

usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume

...

Linux Distros Unpatched Vulnerability : CVE-2025-38376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John...

CVE-2025-38376

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a...

AZL-65696 CVE-2025-38376 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a b...

CVE-2025-38376 usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a b...

CVE-2025-38376

CVE-2025-38376 concerns the Linux kernel USB gadget: udc suspend/resume hang when the host continues data transfer while the bus is active and the controller is gated off. The root cause is that the USB device controller is suspended but the USB bus remains active, causing pending USB requests an...

CVE-2025-38376

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a...