16 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor the bind path to use free After a bind/unbind cycle, the ecm-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This leads to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor the bind path to use free After a bind/unbind cycle, the rndis-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This lead...
UBUNTU-CVE-2026-23426
In the Linux kernel, the following vulnerability has been resolved: drm/logicvc: Fix device node reference leak in logicvcdrmconfigparse The logicvcdrmconfigparse function calls ofgetchildbyname to find the "layers" node but fails to release the reference, leading to a device node reference leak...
SUSE CVE-2025-40092
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
SUSE CVE-2025-40094
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
EUVD-2025-36985
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-40092
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-40093
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
UBUNTU-CVE-2025-40094
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-40095
The CVE-2025-40095 entry concerns the Linux kernel USB gadget f_rndis driver. After a bind/unbind cycle, rndis->notify_req may remain stale; if a subsequent bind fails, the unified error path attempts to free this stale request, causing a NULL pointer dereference when ep->ops->free_reque...
CVE-2025-40094 usb: gadget: f_acm: Refactor bind path to use __free()
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-40093 usb: gadget: f_ecm: Refactor bind path to use __free()
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-40092 usb: gadget: f_ncm: Refactor bind path to use __free()
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-40092
Summary of CVE-2025-40092 : In the Linux kernel USB gadget stack for the f_ncm function, a stale ncm->notify_req after a bind/unbind cycle could be freed on a later failed bind, causing a NULL pointer dereference when ep->ops->free_request is accessed. The patch refactors the error handl...
PT-2025-44385
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s USB gadget functionality, specifically within the f rndis component. After a bind/unbind cycle, the rndis-notify req pointer can become stale. A...
DEBIAN-CVE-2024-56581
In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfsreftreemod after we successfully inserted the new ref entry local variable 'ref' into the respective block entry's rbtree local variable 'be', if we find an...