45 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor the bind path to use free After a bind/unbind cycle, the ncm-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This leads to...
SUSE CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
SUSE CVE-2026-43423
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
EUVD-2026-28729
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix atomic context locking issue The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context. Remove the struct netdevice...
EUVD-2026-28727
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
CVE-2026-43423
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
UBUNTU-CVE-2026-43423
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix atomic context locking issue The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context. Remove the struct netdevice...
CVE-2026-43423
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix atomic context locking issue The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context. Remove the struct netdevice...
CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
UBUNTU-CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
CVE-2026-43423
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix atomic context locking issue The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context. Remove the struct netdevice...
CVE-2026-43423
Concrete details show a Linux kernel issue in the usb gadget f_ncm driver: the ncm_set_alt function held a mutex to guard configfs races and invoked may_sleep in an atomic context, enabling a potential sleep path. The fix removes a struct net_device pointer from f_ncm_opts and introduces a new bo...
CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the usb gadget fncm driver. When the connection is disconnected, the network device’s lifecycle...
Linux Distros Unpatched Vulnerability : CVE-2026-43423
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix atomic context locking issue The ncmsetalt function was holding a mut...
SUSE CVE-2026-23320
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-23320
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-23320
CVE-2026-23320 concerns the Linux kernel USB gadget f_ncm driver. The root cause is that the net_device was allocated in ncm_alloc_inst() and freed in ncm_free_inst(), tying the interface lifetime to the configuration instance rather than the USB connection, which can cause the network interface ...
usb: gadget: f_ncm: Refactor bind path to use __free()
...