78 matches found
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfc: pn533: Wait for outurb’s completion in pn533usbsendframe A use-after-free issue occurred in hcd when the inurb sent from pn533usbsendframe was completed earlier than outurb. The callback in pn533sendComplete frees the skb...
CVE-2026-43324
A flaw was found in the Linux kernel's dummy-hcd driver. This vulnerability stems from an interrupt synchronization error where emulated interrupts can occur after the system attempts to synchronize interrupt handlers. This timing issue creates a race condition, potentially allowing a callback...
CVE-2026-43423
A flaw was found in the Linux kernel's USB Network Control Model NCM gadget driver. The ncmsetalt function was observed to hold a mutex within an atomic context, which is an invalid operation. This improper locking can lead to a 'sleeping function called from invalid context' error when configfs...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the usb gadget fncm driver holding a mutex lock protection condition in the ncmsetalt function...
CVE-2026-43170
A flaw was found in the Linux kernel's USB DWC3 gadget driver. This vulnerability occurs when the dwc3gadgetvbusdraw function is called from an atomic context, which then invokes power management integrated circuit PMIC APIs that may cause the system to sleep. An attacker could exploit this...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesasusb3remove in drivers/usb/gadget/udc/renesasusb3.c...
CVE-2026-31755
A flaw was found in the Linux kernel's cdns3 USB gadget driver. When a gadget endpoint is disabled or not yet configured, a NULL pointer dereference can occur in the epqueue function. This can lead to a kernel crash, resulting in a denial of service DoS on the affected system...
CVE-2026-31721
A flaw was found in the Linux kernel's USB Human Interface Device HID gadget driver fhid. When a USB gadget is unbound and then rebound while file descriptors are still actively using its wait queues, the driver can re-initialize these queues while they still contain items. This can lead to list...
CVE-2026-31756
Technical details about CVE-2026-31756 are not publicly provided in the connected documents. Monitor for updates from vendors and advisories to confirm affected products, impact, and fixes.
CVE-2026-31728 usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix race between getherdisconnect and ethstop A race condition between getherdisconnect and ethstop leads to a NULL pointer dereference. Specifically, if ethstop is triggered concurrently while getherdisconne...
CVE-2026-31725
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds, t...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb cdns3 gadget driver not checking when the ep-desc pointer is null in the epqueue, which could result...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an inconsistent state of the usb cdns3 gadget driver upon initialization failure, which could lead to...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb dwc2 gadget driver calling dwc2gadgetexitclockgating without holding a lock in the dwc2hsotgudcstop...
CVE-2026-31617
A flaw was found in the Linux kernel's USB Network Control Model NCM gadget driver. A malicious USB host could exploit an integer underflow vulnerability when processing Network Transfer Block NTB headers. This allows the host to manipulate internal data pointers, causing adjacent kernel memory t...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013731)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013731 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens...
ROS-20260119-7387
A vulnerability in the usbgcmdwork and botcmdwork functions of the USB driver drivers/usb/gadget/function/ftcm.c of the Linux kernel is related to memory re-release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003649)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003649 advisory. In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid. Tenable has extracted the precedin...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001243)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001243 advisory. In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid. Tenable has extracted the precedin...
ROS-20260113-7316
Vulnerability of astudcgetstatus function in drivers/usb/gadget/udc/aspeedudc.c module of usb gadget driver of Linux kernel is related to incorrect index calculation. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...