21 matches found
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
The vulnerability of the `usb_parse_ss_endpoint_companion()` function in the drivers/usb/core/config.c file of the Linux kernel allows a attacker to compromise the confidentiality and accessibility of protected information.
The vulnerability of the usbparsessendpointcompanion function in the drivers/usb/core/config.c file of the Linux kernel lies in the copying of buffers without checking the input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality and accessibility of the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: This issue prevents OOB out-of-band reading during the parsing of the SS endpoint companion. The usbparsessendpointcompanion function checks the descriptor type before the length, thereby preventing a potential...
EUVD-2025-28952
Malicious code in bioql PyPI...
SUSE CVE-2025-39760
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
AZL-75110 CVE-2025-39760 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
AZL-67154 CVE-2025-39760 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
DEBIAN-CVE-2025-39760
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
CVE-2025-39760
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
UBUNTU-CVE-2025-39760
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
CVE-2025-39760 usb: core: config: Prevent OOB read in SS endpoint companion parsing
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
CVE-2025-39760 usb: core: config: Prevent OOB read in SS endpoint companion parsing
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
CVE-2025-39760 usb: core: config: Prevent OOB read in SS endpoint companion parsing
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...
CVE-2025-39760
CVE-2025-39760 concerns the Linux kernel USB subsystem: usb_parse_ss_endpoint_companion() previously read descriptor fields without ensuring the descriptor length, enabling an out-of-bounds read in SS endpoint companion parsing. The fixed code now checks the size before accessing descriptor field...