Lucene search
K

21 matches found

RedHat Linux
RedHat Linux
added 2026/03/03 8:57 p.m.4 views

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/26 4:25 a.m.6 views

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/25 4:10 a.m.14 views

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/24 12:53 a.m.1 views

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/09 2:40 a.m.3 views

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/02 4:6 a.m.2 views

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/02 3:27 a.m.4 views

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/12/05 12:0 a.m.1 views

The vulnerability of the `usb_parse_ss_endpoint_companion()` function in the drivers/usb/core/config.c file of the Linux kernel allows a attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the usbparsessendpointcompanion function in the drivers/usb/core/config.c file of the Linux kernel lies in the copying of buffers without checking the input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality and accessibility of the...

5.1CVSS7.1AI score0.00164EPSS
Exploits0References22Affected Software8
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: This issue prevents OOB out-of-band reading during the parsing of the SS endpoint companion. The usbparsessendpointcompanion function checks the descriptor type before the length, thereby preventing a potential...

7.1CVSS6.3AI score0.00164EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-28952

Malicious code in bioql PyPI...

6.3AI score0.00164EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2025/09/11 11:24 p.m.3 views

SUSE CVE-2025-39760

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

5.1CVSS6.7AI score0.00164EPSS
Exploits0References27
OSV
OSV
added 2025/09/11 5:15 p.m.6 views

AZL-75110 CVE-2025-39760 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

7.1CVSS5.7AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 5:15 p.m.7 views

AZL-67154 CVE-2025-39760 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

7.1CVSS5.7AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 5:15 p.m.4 views

DEBIAN-CVE-2025-39760

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

7.1CVSS6.2AI score0.00164EPSS
Exploits0References1
NVD
NVD
added 2025/09/11 5:15 p.m.4 views

CVE-2025-39760

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

7.1CVSS0.00164EPSS
Exploits0References11
OSV
OSV
added 2025/09/11 5:15 p.m.5 views

UBUNTU-CVE-2025-39760

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

7.1CVSS6.6AI score0.00164EPSS
Exploits0References36
Vulnrichment
Vulnrichment
added 2025/09/11 4:52 p.m.4 views

CVE-2025-39760 usb: core: config: Prevent OOB read in SS endpoint companion parsing

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

6.8AI score0.00164EPSS
Exploits0References8
OSV
OSV
added 2025/09/11 4:52 p.m.2 views

CVE-2025-39760 usb: core: config: Prevent OOB read in SS endpoint companion parsing

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

7.1CVSS6.2AI score0.00164EPSS
Exploits0References14
Cvelist
Cvelist
added 2025/09/11 4:52 p.m.7 views

CVE-2025-39760 usb: core: config: Prevent OOB read in SS endpoint companion parsing

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

0.00164EPSS
Exploits0References8
CVE
CVE
added 2025/09/11 4:52 p.m.38 views

CVE-2025-39760

CVE-2025-39760 concerns the Linux kernel USB subsystem: usb_parse_ss_endpoint_companion() previously read descriptor fields without ensuring the descriptor length, enabling an out-of-bounds read in SS endpoint companion parsing. The fixed code now checks the size before accessing descriptor field...

7.1CVSS6.3AI score0.00164EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder