CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race during ffsep0queuewait When performing fast composition switching, there is a possibility that the process of ffsep0write/ffsep0read may enter a race condition due to ep0req being freed from the...

7.8CVSS6AI score0.00204EPSS

Exploits0References2

RedhatCVE•added 2026/01/15 5:38 p.m.•3 views

CVE-2025-71074

In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of opened files on functionfs both ep0 and dynamic ones and when it hits...

5.8AI score0.00094EPSS

Exploits0References4

NVD•added 2026/01/13 4:16 p.m.•2 views

CVE-2025-71074

4.7CVSS0.00094EPSS

Exploits0References1

UbuntuCve•added 2026/01/13 4:16 p.m.•2 views

CVE-2025-71074

4.7CVSS5.7AI score0.00094EPSS

Exploits0References4

OSV•added 2026/01/13 4:16 p.m.•2 views

UBUNTU-CVE-2025-71074

4.7CVSS5.7AI score0.00094EPSS

Exploits0References5

OSV•added 2026/01/13 3:31 p.m.•3 views

CVE-2025-71074 functionfs: fix the open/removal races

4.7CVSS6.3AI score0.00094EPSS

Exploits0References4

ATTACKERKB•added 2026/01/13 3:31 p.m.•2 views

CVE-2025-71074

5.2AI score0.00094EPSS

Exploits0References3Affected Software1

CVE•added 2026/01/13 3:31 p.m.•14 views

CVE-2025-71074

The CVE-2025-71074 issue affects Linux kernel functionfs, where open/removal races can leave file->private_data as a freed object, causing UAF on read/write. Root cause: ffs->opened is misused; synchronization via atomic_dec_and_test() is insufficient. The fix approach, as documented, is to...

4.7CVSS6.1AI score0.00094EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/01/13 3:31 p.m.•21 views

CVE-2025-71074 functionfs: fix the open/removal races

0.00094EPSS

Exploits0References1

Positive Technologies•added 2026/01/13 12:0 a.m.•2 views

PT-2026-2595

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the functionfs implementation, specifically in the ffs epfile open function. This condition can occur when a file is opened and removed concurrently,...

4.7CVSS5.4AI score0.00094EPSS

Exploits0References21

Tenable Nessus•added 2026/01/13 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of...

4.7CVSS5.8AI score0.00094EPSS

Exploits0References3

EUVD•added 2025/12/08 3:31 a.m.•2 views

EUVD-2025-201630

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear called in ffsdatareset sets ffs-epfiles to NULL before resettin...

6AI score0.00168EPSS

Exploits0References9

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988808)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988808 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race during ffsep0queuewait While performing fast composition switch,...

7.8CVSS5.8AI score0.00204EPSS

Exploits0References4

Tenable Nessus•added 2025/10/27 12:0 a.m.•5 views

Siemens SIMATIC Devices Race Condition (CVE-2024-57913)

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

4.7CVSS6.2AI score0.00164EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-53816

Malicious code in bioql PyPI...

4.7CVSS7AI score0.00164EPSS

Exploits0References8

Tenable Nessus•added 2025/08/07 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-49755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: ffs: Prevent race during ffsep0queuewait While performing fast composition switch, there is a possibility that the process of ffsep0write/ffsep0rea...

7.8CVSS6.8AI score0.00204EPSS

Exploits0References2

AstraLinux•added 2025/06/16 11:28 a.m.•2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON from functionfsbind This commit addresses an issue related to a kernel panic that occurs when paniconwarn is enabled. The issue is caused by the unnecessary use of WARNON in functionfsbind, which c...

4.7CVSS6.3AI score0.00164EPSS

Exploits0References3

SUSE CVE•added 2025/03/28 3:40 a.m.•1 views

SUSE CVE-2022-49755

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race during ffsep0queuewait While performing fast composition switch, there is a possibility that the process of ffsep0write/ffsep0read get into a race condition due to ep0req being freed up from...

5.5CVSS6.4AI score0.00204EPSS

Exploits0References7

OSV•added 2025/03/27 5:15 p.m.•1 views

UBUNTU-CVE-2022-49755

7.8CVSS6.3AI score0.00204EPSS

Exploits0References10

OSV•added 2025/03/27 4:43 p.m.•8 views

CVE-2022-49755 usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait

7.8CVSS5.2AI score0.00204EPSS

Exploits0References10

Rows per page