46 matches found
CVE-2026-10668
The CVE describes a DoS in the Nuvoton NuMaker HSUSBD UDC driver (udc_numaker.c): the control Data IN is armed unconditionally, and since the hardware cannot disarm a previously armed IN, a host can repeatedly cancel and re-SETUP, wedge the control endpoint, and cause the device to refuse further...
CVE-2026-10668 Host-triggerable control-endpoint wedge (DoS) in Nuvoton NuMaker HSUSBD UDC driver
The Nuvoton NuMaker HSUSBD USB device-controller driver drivers/usb/udc/udcnumaker.c armed the control Data IN stage unconditionally base-CEPTXCNT = len in numakerhsusbdeptrigger. Because the HSUSBD hardware cannot disarm a control Data IN already armed for a previous transfer, a USB host that...
CVE-2026-10656 NULL-pointer dereference DoS in MAX32 USB device controller transfer-completion handlers
The MAX32xxx USB device controller driver drivers/usb/udc/udcmax32.c, compatible adimax32usbhs dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. udceventxferoutdone called netbufaddbuf, eprequest-actlen immediately after buf =...
CVE-2026-10656
The MAX32xxx USB device controller driver drivers/usb/udc/udcmax32.c, compatible adimax32usbhs dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. udceventxferoutdone called netbufaddbuf, eprequest-actlen immediately after buf =...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: ChipIdea UDC: Fix for DMA and SG cleanup in epnuke The ChipIdea UDC driver may encounter errors where “not-page-aligned sg buffers” occur when a USB device is reconnected after being disconnected during an active transfer...
CVE-2026-43250
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007463)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007463 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from...
CVE-2019-25285
Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...
EUVD-2019-19385
Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...
CVE-2019-25285
Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...
PT-2026-5812
Name of the Vulnerable Software and Affected Versions Alps Pointing-device Controller version 8.1202.1711.04 Description The Alps Pointing-device Controller version 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService. This allows local attackers to execute co...
Azure Linux 3.0 Security Update: kernel (CVE-2024-46836)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46836 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeedudc: validate endpoin...
usb: gadget: udc: fix use-after-free in usb_gadget_state_work
...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-404116)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-404116 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The dwc3request-numqueuedsgs is decremented o...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986977)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986977 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc-dev.driver The syzbot fuzzer found a...
EUVD-2022-55225
Malicious code in bioql PyPI...
UBUNTU-CVE-2023-53418
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...
CVE-2023-53407
CVE-2023-53407 refers to a Linux kernel issue in USB gadget support for pxa27x_udc where memory leaks occur if debugfs_lookup() results are not released (dput). The resolution, as described in multiple sources, is to call debugfs_lookup_and_remove() which handles the lookup and cleanup in one ste...
usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume
...
Linux Distros Unpatched Vulnerability : CVE-2025-38376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John...