44 matches found
Astra Linux - уязвимость в linux, linux-5.10
In the drivers/usb/gadget/udc/udc-xilinx.c file within the Linux kernel, before version 5.16.12, the endpoint index was not validated, and it could be manipulated by the host for out-of-array access...
usb: gadget: renesas_usb3: validate endpoint index in standard request handlers
...
DEBIAN-CVE-2026-31615
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: renesasusb3: validate endpoint index in standard request handlers The GETSTATUS and SET/CLEARFEATURE handlers extract the endpoint number from the host-supplied wIndex without any sort of validation. Fix this up by...
CVE-2026-31615
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: renesasusb3: validate endpoint index in standard request handlers The GETSTATUS and SET/CLEARFEATURE handlers extract the endpoint number from the host-supplied wIndex without any sort of validation. Fix this up by...
CVE-2026-31615 usb: gadget: renesas_usb3: validate endpoint index in standard request handlers
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: renesasusb3: validate endpoint index in standard request handlers The GETSTATUS and SET/CLEARFEATURE handlers extract the endpoint number from the host-supplied wIndex without any sort of validation. Fix this up by...
CVE-2026-31615
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: renesasusb3: validate endpoint index in standard request handlers The GETSTATUS and SET/CLEARFEATURE handlers extract the endpoint number from the host-supplied wIndex without any sort of validation. Fix this up by...
CVE-2026-31615
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: renesasusb3: validate endpoint index in standard request handlers The GETSTATUS and SET/CLEARFEATURE handlers extract the endpoint number from the host-supplied wIndex without any sort of validation. Fix this up by...
CVE-2026-31615
In CVE-2026-31615, the Linux kernel USB gadget code for renesas_usb3 (and related aspeed_udc context) did not validate endpoint indices in standard requests (GET_STATUS, SET/CLEAR_FEATURE). The host-supplied wIndex could be used to dereference a pointer without confirming endpoint count, risking ...
Azure Linux 3.0 Security Update: kernel (CVE-2024-46836)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46836 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeedudc: validate endpoin...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001685)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001685 advisory. In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array...
Siemens Ruggedcom ROX Improper Validation of Array Index (CVE-2022-27223)
In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414432)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414432 advisory. In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array...
Linux Distros Unpatched Vulnerability : CVE-2021-47269
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep and we might be referring a non-existing ep and trigger a NU...
Linux Distros Unpatched Vulnerability : CVE-2022-27223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for...
CVE-2025-2597
Reflected Cross-Site Scripting XSS in ITIUM 6050 version 5.5.5.2-b3526 from Impact Technologies. This vulnerability could allow an attacker to execute malicious Javascript code via GET and POST requests to the ‘/index.php’ endpoint and injecting code into the ‘idsession...
usb: gadget: aspeed_udc: validate endpoint index for ast udc
...
SUSE CVE-2024-46836
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeedudc: validate endpoint index for ast udc We should verify the bound of the array to assure that host may not manipulate the index to point past endpoint array. Found by static analysis...
CVE-2024-46836
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeedudc: validate endpoint index for ast udc We should verify the bound of the array to assure that host may not manipulate the index to point past endpoint array. Found by static analysis...
DEBIAN-CVE-2024-46836
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeedudc: validate endpoint index for ast udc We should verify the bound of the array to assure that host may not manipulate the index to point past endpoint array. Found by static analysis...
UBUNTU-CVE-2024-46836
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeedudc: validate endpoint index for ast udc We should verify the bound of the array to assure that host may not manipulate the index to point past endpoint array. Found by static analysis...