Lucene search
K

362 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: dwc3-meson-g12a: Fixed an issue where the USB2 PHY glue initialization was performed when PHY0 was disabled. When only PHY1 is used for example, on Odroid-HC4, the regmap initialization code uses USB2 ports without...

5.5CVSS5.3AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep, and we might be referring to a non-existent ep, triggering a NULL pointer exception. In certain configurations, we might use few...

5.5CVSS5.4AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Check that the event count does not exceed the event buffer length. The event count is read from the register DWC3GEVNTCOUNT. There is a check for the count being zero, but no check for exceeding the event buff...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing the ENDXFER command. Currently, for all controller IP/versions except DWC3usb3 = 310a, a 1ms wait is required unconditionally for the completion of ENDXFER when the IOC is not set. Th...

5.5CVSS5.6AI score0.00212EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: usb: dwc3-am62: Fixed the behavior of module unloading and reloading. When runtime PM is enabled, the module can be suspended during runtime when the .remove method is called. Call pmruntimegetsync to ensure that the module is...

5.5CVSS6.2AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe. The dwc3getproperties function calls: dwc-usbpsy = powersupplygetbynameusbpsyname; So some additional cleanup is required along these error paths...

5.5CVSS5.2AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal The devicedel function can cause new work to be scheduled in the gadget-workqueue. This issue is observed, for example, with the dwc3 driver, as follows: c devicedel...

5.5CVSS6.2AI score0.00185EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak The function dwc3qcomprobe allocates memory for the resource structure pointed by the parentres pointer. This memory is not freed, leading to a memory leak. Using stack memory can preven...

5.5CVSS5.2AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace listforeachentrysafe when using giveback The listforeachentrysafe macro saves the current item n and the item after n+1, so that n can be safely removed without corrupting the list. However, when...

5.5CVSS6AI score0.00246EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: A fix was made to the NULL pointer dereference in dwc3gadgetsuspend. In current scenarios where “Plug-out” and “Plug-In” operations are performed continuously, there is a possibility that a NULL pointer...

5.5CVSS6AI score0.00258EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The value of dwc3request-numqueuedsgs is decremented upon completion. If a partially completed request is processed, then dwc3request-numqueuedsgs no longer reflects the total...

5.5CVSS6.1AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Moving vbus draw to the workqueue context Currently, the dwc3gadgetvbusdraw function can be called from an atomic context. This, in turn, invokes APIs from the power-supply-core. Some of these PMIC APIs have...

5.5CVSS5.3AI score0.00122EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/09 2:41 a.m.11 views

SUSE CVE-2026-43170

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

5.7AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/06 7:56 p.m.10 views

CVE-2026-43170

A flaw was found in the Linux kernel's USB DWC3 gadget driver. This vulnerability occurs when the dwc3gadgetvbusdraw function is called from an atomic context, which then invokes power management integrated circuit PMIC APIs that may cause the system to sleep. An attacker could exploit this...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.7 views

EUVD-2026-27731

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

5.8AI score0.00122EPSS
Exploits0References6
NVD
NVD
added 2026/05/06 12:16 p.m.11 views

CVE-2026-43170

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

5.5CVSS0.00122EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.26 views

CVE-2026-43170 usb: dwc3: gadget: Move vbus draw to workqueue context

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

0.00122EPSS
Exploits0References5
CVE
CVE
added 2026/05/06 11:27 a.m.17 views

CVE-2026-43170

CVE-2026-43170 affects the Linux kernel USB DWC3 gadget driver. The vulnerability arises when dwc3_gadget_vbus_draw() is called from atomic context and may invoke PMIC APIs that sleep, risking kernel panic. The fix moves vbus_draw to a workqueue context, mitigating sleep in atomic operations. Aff...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.8 views

CVE-2026-43170

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.14 views

PT-2026-37510

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists where the dwc3 gadget vbus draw function can be called from an atomic context. This function invokes power-supply-core APIs, some of which contain PMIC Power Management...

7.8CVSS5.4AI score0.00371EPSS
Exploits0References50
Rows per page
Query Builder