35 matches found
SUSE CVE-2026-46128
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...
CVE-2026-46128
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core from accessing an invalid event buffer address This commit addresses a issue where the USB core might access an invalid event buffer address during runtime suspension, potentially causing SMMU...
CVE-2026-43048
A flaw was found in the Linux kernel's Human Interface Device HID core. An incorrect memset operation within the hidreportrawevent function can lead to out-of-bounds OOB reads and writes. This vulnerability occurs when the incoming event buffer size is insufficient to fill the associated report,...
CVE-2026-43048
The CVE concerns the Linux kernel HID core. The issue arises in hid_report_raw_event() where a memset() intended to clear bogus data can trigger out-of-bounds reads/writes when the incoming event buffer is not large enough for the report. The fix removes the problematic memset() and instead retur...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992957)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992957 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992656)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992656 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly freeing the event buffer, which could lead to a memory leak...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990852)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990852 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986603)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986603 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an...
EUVD-2025-13978
Malicious code in bioql PyPI...
kernel security update
An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...
kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...
kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...
usb: dwc3: gadget: check that event count does not exceed event buffer length
...
CVE-2019-10537
Improper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length check and eventually will lead to buffer overwrite when event data is copied to context buffer in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,...
kernel: usb: dwc3: core: Prevent USB core invalid event buffer address access
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could access an invalid event buffer address during runtime suspend, potentially causing SMMU faults and othe...