CVE-2026-23365 net: usb: kalmia: validate USB endpoints

In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

CVE-2022-50470

The CVE-2022-50470 vulnerability is a Linux kernel issue in the xHCI host controller code. It occurs when freeing a virtual device if the xHCI host controller dies or is removed; endpoints may not be dropped from the bandwidth list due to early returns, triggering a list_del corruption and kernel...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to remove device endpoints from the bandwidth list, which could result in a corrupted list and a...

PT-2024-10235 · Versa · Versa Director

Name of the Vulnerable Software and Affected Versions: Versa Director affected versions not specified Description: The issue is related to the REST API in Versa Director, which is used for orchestration and management. Certain APIs, such as the login screen, banner display, and device registratio...

kernel: xhci: Remove device endpoints from bandwidth list when freeing the device

A null pointer/list corruption flaw was found in the Linux kernel USB xHCI host controller code. When the xHCI host is dying or being removed, some device endpoints may remain on the software bandwidth list. Later cleanup deletes entries that were already freed, corrupting the list and crashing t...

kernel: xhci: Remove device endpoints from bandwidth list when freeing the device

A null pointer/list corruption flaw was found in the Linux kernel USB xHCI host controller code. When the xHCI host is dying or being removed, some device endpoints may remain on the software bandwidth list. Later cleanup deletes entries that were already freed, corrupting the list and crashing t...

GSD-2022-1007630 xhci: Remove device endpoints from bandwidth list when freeing the device

xhci: Remove device endpoints from bandwidth list when freeing the device This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.332 by commit...

GSD-2022-1007556 xhci: Remove device endpoints from bandwidth list when freeing the device

xhci: Remove device endpoints from bandwidth list when freeing the device This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.298 by commit...

GSD-2022-1007472 xhci: Remove device endpoints from bandwidth list when freeing the device

xhci: Remove device endpoints from bandwidth list when freeing the device This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.264 by commit...

PT-2022-35727 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.264 Description: The issue is related to the xhci component, specifically concerning the removal of device endpoints from the bandwidth list when freeing the device. The actual impact and attack plausibili...

PT-2022-35811 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.298 Description: The issue is related to the removal of device endpoints from the bandwidth list when freeing the device. The actual impact and attack plausibility have not yet been proven. Recommendations...

PT-2022-35222 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.77 Description: The issue is related to the xhci component, specifically concerning the removal of device endpoints from the bandwidth list when freeing the device. The actual impact and attack plausibilit...

PT-2022-35885 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.332 Description: The issue is related to the removal of device endpoints from the bandwidth list when freeing the device. The actual impact and attack plausibility have not yet been proven. Recommendations:...

Securing your IoT with Edge Secured-core devices

A recent study conducted by Microsoft in partnership with Ponemon Institute included a survey of companies that have adopted IoT solutions and 65 percent of them mentioned that security is a top priority when implementing IoT. Attacks targeting IoT devices put businesses at risk. Impacted devices...