Lucene search
+L

82 matches found

NVD
NVD
added 2 hours ago3 views

CVE-2026-63927

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix use after free in debug code We're not allowed to dereference "urb" after calling usbhcdgivebackurb so save the urb-status ahead of time...

Exploits0References8
Cvelist
Cvelist
added 3 hours ago5 views

CVE-2026-63927 usb: dwc2: Fix use after free in debug code

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix use after free in debug code We're not allowed to dereference "urb" after calling usbhcdgivebackurb so save the urb-status ahead of time...

Exploits0References8
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-45700

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix use after free in debug code We're not allowed to dereference "urb" after calling usbhcdgivebackurb so save the urb-status ahead of time...

5.4AI score
Exploits0References8
CVE
CVE
added 3 hours ago4 views

CVE-2026-63927

The CVE affects the Linux kernel USB subsystem (dwc2 driver). The issue is a use-after-free in the debug path where the urb could be dereferenced after usb_hcd_giveback_urb(). The fix saves urb->status before returning the URB to avoid dereferencing after the giveback, preventing use-after-fre...

5.4AI score
Exploits0References8
Positive Technologies
Positive Technologies
added 18 hours ago3 views

PT-2026-61244

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix use after free in debug code We're not allowed to dereference "urb" after calling usb hcd giveback urb so save the urb-status ahead of time...

5.3AI score
Exploits0References9
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - usb: dwc2: gadget: Fixed the mismatch between spinlock and unlock calls in dwc2hsotgudcstop. - dwc2gadgetexitclockgating: Internally calls the callgadget macro, which expects hsotg-lock to be held since it performs...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: usb:dwc2: Fixed a memory leak in dwc2hcdinit. usbcreatehcd will allocate memory for hcd, and we should call usbputhcd to free that memory when platformgetresource fails—this prevents the memory leak. The code has been modified to...

5.5CVSS6.2AI score0.00268EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Qemu

A divide-by-zero issue was discovered in dwc2handlepacket in hw/usb/hcd-dwc2.c, within the hcd-dwc2 USB host controller emulation in QEMU. A malicious guest could exploit this flaw to crash the QEMU process on the host, resulting in a denial of service...

6.5CVSS6.7AI score0.00314EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/06 1:43 a.m.15 views

SUSE CVE-2026-31756

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: gadget: Fix spinlock/unlock mismatch in dwc2hsotgudcstop dwc2gadgetexitclockgating internally calls callgadget macro, which expects hsotg-lock to be held since it does spinunlock/spinlock around the gadget driver...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: dwc2: gadget: Fix spinlock/unlock mismatch in dwc2hsotgudcstop dwc2gadgetexitclockgating internally calls callgadget macro, which expects hsotg-lock to be...

5.5CVSS6.1AI score0.00095EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/01 10:29 p.m.5 views

CVE-2026-31756

A flaw was found in the Linux kernel's dwc2 USB gadget driver. A local user could trigger an incorrect locking sequence within the dwc2hsotgudcstop function. This issue, a spinlock/unlock mismatch, can lead to a system deadlock, causing a Denial of Service DoS for the affected system...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/01 2:14 p.m.8 views

CVE-2026-31756

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: gadget: Fix spinlock/unlock mismatch in dwc2hsotgudcstop dwc2gadgetexitclockgating internally calls callgadget macro, which expects hsotg-lock to be held since it does spinunlock/spinlock around the gadget driver...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.7 views

PT-2026-36391

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A spin lock/unlock mismatch exists in the dwc2 hsotg udc stop function. The dwc2 gadget exit clock gating function internally utilizes the call gadget macro, which requires hsotg-lock to...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013316)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013316 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue ...

5.5CVSS6.7AI score0.00247EPSS
Exploits0References4
Redos
Redos
added 2026/01/28 12:0 a.m.4 views

ROS-20260128-73-0021

A vulnerability in the drivers/usb/dwc2/platform.c module of the Linux operating system kernel is related to a memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS5.9AI score0.00169EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.0 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993165)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993165 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix a devres leak in hwenable upon suspend resume Each time the platform goes to low...

5.5CVSS6.1AI score0.00169EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992569)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992569 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix a devres leak in hwenable upon suspend resume Each time the platform goes to low...

5.5CVSS6.1AI score0.00169EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989363)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989363 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platformgetresource It will cause null-ptr-deref if...

5.5CVSS5.9AI score0.00244EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986633 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix memory leak in dwc2hcdinit usbcreatehcd will alloc memory for hcd, and we should...

5.5CVSS5.9AI score0.00268EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986430)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986430 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platformgetresource It will cause null-ptr-deref if...

5.5CVSS5.9AI score0.00244EPSS
Exploits0References3
Rows per page
Query Builder