Lucene search
K

15 matches found

Redos
Redos
added 2026/03/17 12:0 a.m.4 views

ROS-20260317-73-0029

A vulnerability in the drivers/usb/gadget/configfs.c module of the Linux kernel is related to a violation of the initial buffer boundary. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.1CVSS6AI score0.00153EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004301 advisory. gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal...

6.5CVSS6.5AI score0.04505EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.10 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990329 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' coul...

5.5CVSS6.3AI score0.00233EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986531)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986531 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' coul...

5.5CVSS6.3AI score0.00233EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qwsign' or 'landingPage' sysfs attributes, the store functions...

7.1CVSS6.8AI score0.00153EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-42236

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' could trivially have the length zero. Left unchecked this will...

5.5CVSS6.8AI score0.00233EPSS
Exploits0References2
OSV
OSV
added 2024/08/14 8:2 a.m.8 views

CLSA-2024-1723622576 Fix of 29 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usbstringcopy CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes CVE-url: https://ubuntu.com/security/CVE-2024-41098 -...

8.1CVSS6.8AI score0.01305EPSS
Exploits1References1
OSV
OSV
added 2024/08/12 8:41 p.m.11 views

CLSA-2024-1723495305 Fix of 19 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from setmemoryro into account with bpfproglockro CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2logflush CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent...

7.8CVSS6.8AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2024/08/12 8:31 p.m.13 views

CLSA-2024-1723494706 Fix of 19 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from setmemoryro into account with bpfproglockro CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2logflush CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent...

7.8CVSS6.8AI score0.00284EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/08/07 4:15 p.m.17 views

CVE-2024-42236

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form if str0 - 1 == '\n' followed...

5.5CVSS6.4AI score0.00233EPSS
Exploits0References32
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.3 views

SUSE CVE-2020-13143

gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4...

4CVSS6.1AI score0.04505EPSS
Exploits0References22
Microsoft CVE
Microsoft CVE
added 2020/11/10 8:0 a.m.9 views

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value which allows attackers to trigger an out-of-bounds read aka CID-15753588bcd4.

...

6.5CVSS8.4AI score0.04505EPSS
Exploits0
CNVD
CNVD
added 2020/05/19 12:0 a.m.6 views

Linux kernel buffer overflow vulnerability (CNVD-2020-33664)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the gadgetdevdescUDCstore file in drivers/usb/gadget/configfs.c file in Linux kernel 5.6.13 and earlier, which stems from a...

6.5CVSS6.7AI score0.04505EPSS
Exploits0References1
OSV
OSV
added 2020/05/18 6:15 p.m.5 views

DEBIAN-CVE-2020-13143

gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4...

6.5CVSS6.2AI score0.04505EPSS
Exploits0References1
OSV
OSV
added 2020/05/18 6:15 p.m.8 views

UBUNTU-CVE-2020-13143

gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4...

6.5CVSS6.7AI score0.04505EPSS
Exploits0References10
Rows per page
Query Builder