16 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the usb gadget fncm driver. When the connection is disconnected, the network device’s lifecycle...
CVE-2026-31760
A flaw was found in the Linux kernel's gpib: lpvousb driver. This memory leak vulnerability occurs when the driver fails to release references to USB devices upon disconnection. A local user with the ability to connect and disconnect USB devices could repeatedly trigger this flaw, leading to...
CVE-2026-31728
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix race between getherdisconnect and ethstop A race condition between getherdisconnect and ethstop leads to a NULL pointer dereference. Specifically, if ethstop is triggered concurrently while getherdisconne...
SUSE CVE-2026-31650
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix use-after-free on disconnect The vub300 driver maintains an explicit reference count for the controller and its driver data and the last reference can in theory be dropped after the driver has been unbound. This...
SUSE CVE-2026-23039
In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to reset the context when disconnecting, which could result in a subflow data-ready warning...
kernel: Bluetooth: Fix use after free in hci_send_acl
A vulnerability was found in the Linux kernel's Bluetooth subsystem in the hcidisconnphylinkcompleteevt function. Improper cleanup and reference handling can lead to a connection object, hcon, being freed and then later accessed during a subsequent function call. This issue can lead to a...
kernel: Bluetooth: Fix use after free in hci_send_acl
A vulnerability was found in the Linux kernel's Bluetooth subsystem in the hcidisconnphylinkcompleteevt function. Improper cleanup and reference handling can lead to a connection object, hcon, being freed and then later accessed during a subsequent function call. This issue can lead to a...
kernel: Bluetooth: Fix use after free in hci_send_acl
A vulnerability was found in the Linux kernel's Bluetooth subsystem in the hcidisconnphylinkcompleteevt function. Improper cleanup and reference handling can lead to a connection object, hcon, being freed and then later accessed during a subsequent function call. This issue can lead to a...
OESA-2025-1513 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hcisendacl This fixes the following trace caused by receiving HCIEVDISCONNPHYLINKCOMPLETE which does call hciconndel without fir...
SUSE CVE-2007-1869
lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service cpu and resource consumption by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption...
SUSE CVE-2020-27153
In BlueZ before 5.55, a double free was found in the gatttool disconnectcb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event...
kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
A use-after-free flaw was found in hcisendacl in the bluetooth host controller interface HCI in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hcidisconnloglinkcompleteevt, yet stil...
kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
A use-after-free flaw was found in hcisendacl in the bluetooth host controller interface HCI in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hcidisconnloglinkcompleteevt, yet stil...
CVE-2020-27153
In BlueZ before 5.55, a double free was found in the gatttool disconnectcb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event...
PT-2018-11059 · Sangoma · Asterisk Open Source
Name of the Vulnerable Software and Affected Versions: Asterisk Open Source versions 15.x before 15.4.1 Description: An issue was discovered in Asterisk Open Source. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk get...