15 matches found
ROS-20260317-73-0029
A vulnerability in the drivers/usb/gadget/configfs.c module of the Linux kernel is related to a violation of the initial buffer boundary. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004301)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004301 advisory. gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990329)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990329 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' coul...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986531)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986531 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' coul...
Linux Distros Unpatched Vulnerability : CVE-2025-38497
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qwsign' or 'landingPage' sysfs attributes, the store functions...
Linux Distros Unpatched Vulnerability : CVE-2024-42236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' could trivially have the length zero. Left unchecked this will...
CLSA-2024-1723622576 Fix of 29 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usbstringcopy CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes CVE-url: https://ubuntu.com/security/CVE-2024-41098 -...
CLSA-2024-1723495305 Fix of 19 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from setmemoryro into account with bpfproglockro CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2logflush CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent...
CLSA-2024-1723494706 Fix of 19 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from setmemoryro into account with bpfproglockro CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2logflush CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent...
CVE-2024-42236
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form if str0 - 1 == '\n' followed...
SUSE CVE-2020-13143
gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4...
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value which allows attackers to trigger an out-of-bounds read aka CID-15753588bcd4.
...
Linux kernel buffer overflow vulnerability (CNVD-2020-33664)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the gadgetdevdescUDCstore file in drivers/usb/gadget/configfs.c file in Linux kernel 5.6.13 and earlier, which stems from a...
DEBIAN-CVE-2020-13143
gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4...
UBUNTU-CVE-2020-13143
gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4...