CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2026/05/08 2:21 p.m.•4 views

CVE-2026-43421

5.5CVSS5.7AI score0.00013EPSS

Exploits0

CVE•added 2026/05/08 2:21 p.m.•9 views

CVE-2026-43421

The CVE affects the Linux kernel USB gadget for Network Control Model (NCM) where a net_device could outlive its parent gadget during disconnection, causing dangling sysfs links and potential null dereference. The root cause was lifecycle mismanagement of net_device during USB bind/unbind, addres...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References4Affected Software1

ATTACKERKB•added 2026/05/08 2:21 p.m.•3 views

CVE-2026-43421

5.8AI score0.00013EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/05/08 12:0 a.m.•4 views

PT-2026-39082

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the f ncm USB gadget driver allows a network device to outlive its parent gadget device during disconnection. This leads to dangling sysfs links and null pointer dereference...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References17

Tenable Nessus•added 2026/05/08 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-43421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysf...

5.5CVSS5.8AI score0.00013EPSS

SUSE CVE•added 2026/05/07 2:21 a.m.•5 views

SUSE CVE-2026-31722

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds,...

5.5CVSS5.7AI score0.00015EPSS

SUSE CVE•added 2026/05/07 2:21 a.m.•3 views

SUSE CVE-2026-31723

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds...

5.7AI score0.00015EPSS

SUSE CVE•added 2026/05/06 1:43 a.m.•2 views

SUSE CVE-2026-31724

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: feem: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds, t...

5.7AI score0.00015EPSS

SUSE CVE•added 2026/05/05 1:46 a.m.•4 views

SUSE CVE-2026-31725

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds, t...

5.5CVSS5.7AI score0.00015EPSS

Tenable Nessus•added 2026/05/02 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-31724

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: feem: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase wit...

Tenable Nessus•added 2026/05/02 12:0 a.m.•0 views

Linux Distros Unpatched Vulnerability : CVE-2026-31725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fecm: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase wit...

Tenable Nessus•added 2026/05/02 12:0 a.m.•0 views

Linux Distros Unpatched Vulnerability : CVE-2026-31723

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fsubset: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase...

NVD•added 2026/05/01 3:16 p.m.•1 views

CVE-2026-31725

5.5CVSS0.00015EPSS

NVD•added 2026/05/01 3:16 p.m.•0 views

CVE-2026-31723

5.5CVSS0.00015EPSS

Cvelist•added 2026/05/01 2:14 p.m.•24 views

CVE-2026-31725 usb: gadget: f_ecm: Fix net_device lifecycle with device_move

0.00015EPSS

CVE•added 2026/05/01 2:14 p.m.•10 views

CVE-2026-31725

CVE-2026-31725 affects the Linux kernel’s USB gadget f_ecm functionality. The vulnerability arises during function unbinds when the net_device is created and registered under the gadget device, but is not de-parented correctly, leaving dangling sysfs links under /sys/class/net and /sys/devices/pl...