Lucene search
K

16 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor the bind path to use free After a bind/unbind cycle, the ecm-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This leads to...

5.6AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor the bind path to use free After a bind/unbind cycle, the rndis-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This lead...

5.7AI score0.00183EPSS
Exploits0References2
OSV
OSV
added 2026/04/03 2:16 p.m.4 views

UBUNTU-CVE-2026-23426

In the Linux kernel, the following vulnerability has been resolved: drm/logicvc: Fix device node reference leak in logicvcdrmconfigparse The logicvcdrmconfigparse function calls ofgetchildbyname to find the "layers" node but fails to release the reference, leading to a device node reference leak...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2025/10/31 12:25 a.m.3 views

SUSE CVE-2025-40092

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

4.4CVSS6.4AI score0.00188EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/10/31 12:25 a.m.2 views

SUSE CVE-2025-40094

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

4.3CVSS6.4AI score0.00188EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/30 12:31 p.m.3 views

EUVD-2025-36985

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

6AI score0.00183EPSS
Exploits0References6
NVD
NVD
added 2025/10/30 10:15 a.m.6 views

CVE-2025-40092

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

0.00188EPSS
Exploits0References6
NVD
NVD
added 2025/10/30 10:15 a.m.3 views

CVE-2025-40093

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

0.00183EPSS
Exploits0References5
OSV
OSV
added 2025/10/30 10:15 a.m.2 views

UBUNTU-CVE-2025-40094

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

5.7AI score0.00188EPSS
Exploits0References38
CVE
CVE
added 2025/10/30 9:48 a.m.21 views

CVE-2025-40095

The CVE-2025-40095 entry concerns the Linux kernel USB gadget f_rndis driver. After a bind/unbind cycle, rndis->notify_req may remain stale; if a subsequent bind fails, the unified error path attempts to free this stale request, causing a NULL pointer dereference when ep->ops->free_reque...

6.1AI score0.00183EPSS
Exploits0References5
OSV
OSV
added 2025/10/30 9:48 a.m.2 views

CVE-2025-40094 usb: gadget: f_acm: Refactor bind path to use __free()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

6.4AI score0.00188EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/10/30 9:48 a.m.5 views

CVE-2025-40093 usb: gadget: f_ecm: Refactor bind path to use __free()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

0.00183EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/30 9:47 a.m.6 views

CVE-2025-40092 usb: gadget: f_ncm: Refactor bind path to use __free()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

0.00188EPSS
Exploits0References6
CVE
CVE
added 2025/10/30 9:47 a.m.15 views

CVE-2025-40092

Summary of CVE-2025-40092 : In the Linux kernel USB gadget stack for the f_ncm function, a stale ncm->notify_req after a bind/unbind cycle could be freed on a later failed bind, causing a NULL pointer dereference when ep->ops->free_request is accessed. The patch refactors the error handl...

6AI score0.00188EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.4 views

PT-2025-44385

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s USB gadget functionality, specifically within the f rndis component. After a bind/unbind cycle, the rndis-notify req pointer can become stale. A...

4.6CVSS7.3AI score0.00183EPSS
Exploits0
OSV
OSV
added 2024/12/27 3:15 p.m.7 views

DEBIAN-CVE-2024-56581

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfsreftreemod after we successfully inserted the new ref entry local variable 'ref' into the respective block entry's rbtree local variable 'be', if we find an...

7.8CVSS5.7AI score0.00239EPSS
Exploits0References1
Rows per page
Query Builder