Lucene search
K

20 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If “BufOffset” is very large, the operation “BufOffset + 8” may lead to an integer overflow...

7.8CVSS6.2AI score0.00255EPSS
Exploits0References2
OSV
OSV
added 2026/05/08 2:16 p.m.12 views

UBUNTU-CVE-2026-43342

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...

4.7CVSS5.7AI score0.00086EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of mutual exclusion protection for class/subclass/protocol options in USB Gadget FRNDIS...

4.7CVSS5.8AI score0.00086EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 2:14 p.m.12 views

EUVD-2026-26535

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds,...

5.8AI score0.00122EPSS
Exploits0References4
CVE
CVE
added 2026/05/01 2:14 p.m.17 views

CVE-2026-31722

In the Linux kernel, CVE-2026-31722 affects the USB gadget RNDIS function (f_rndis). The issue arises when the net_device is allocated during function instance creation and registered under the gadget device as its sysfs parent; during unbind, the parent is destroyed but the net_device can persis...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988685)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988685 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list...

7.8CVSS5.9AI score0.00219EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/30 12:31 p.m.3 views

EUVD-2025-36983

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor bind path to use free After an bind/unbind cycle, the rndis-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

6AI score0.00183EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986323 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If BufOffset is very large the...

7.8CVSS6AI score0.00255EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987034)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987034 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list...

7.8CVSS5.9AI score0.00219EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/08/22 3:31 a.m.28 views

CVE-2022-48926 usb: gadget: rndis: add spinlock for rndis response list

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list. It could cause list corruption if there're two different listadd at the same time like below. It's better to add in rndisaddrespons...

0.00219EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2024/08/22 3:31 a.m.29 views

CVE-2022-48926

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list. It could cause list corruption if there're two different listadd at the same time like below. It's better to add in rndisaddrespons...

7.8CVSS5.6AI score0.00219EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/07/16 8:56 p.m.19 views

CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

5.5CVSS7.3AI score0.00255EPSS
Exploits0References4
NVD
NVD
added 2024/07/16 1:15 p.m.25 views

CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

7.8CVSS0.00255EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.53 views

Debian DSA-1103-1 : kernel-source-2.6.8 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-3359 Franz Filz discovered that some socket...

10CVSS6.5AI score0.06797EPSS
Exploits3References49
Debian
Debian
added 2006/06/14 5:55 p.m.89 views

[SECURITY] [DSA 1097-1] New Kernel 2.4.27 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1097-1 [email protected] http://www.debian.org/security/ Dann Frazier, Troy Heber June 14th, 2006 http://www.debian.org/security/faq -...

10CVSS8.5AI score0.06797EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.46 views

Ubuntu 5.04 / 5.10 : linux-source-2.6.10, linux-source-2.6.12 vulnerabilities (USN-281-1)

The sysmbind function did not properly verify the validity of the 'maxnod' argument. A local user could exploit this to trigger a buffer overflow, which caused a kernel crash. CVE-2006-0557 The SELinux module did not correctly handle the tracer SID when a process was already being traced. A local...

10CVSS5.9AI score0.0601EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2006/05/04 5:50 p.m.70 views

USN-281-1: Linux kernel vulnerabilities

The sysmbind function did not properly verify the validity of the 'maxnod' argument. A local user could exploit this to trigger a buffer overflow, which caused a kernel crash. CVE-2006-0557 The SELinux module did not correctly handle the tracer SID when a process was already being traced. A local...

10CVSS5.7AI score0.0601EPSS
Exploits0
securityvulns
securityvulns
added 2006/05/04 12:0 a.m.76 views

[Full-disclosure] [USN-281-1] Linux kernel vulnerabilities

=========================================================== Ubuntu Security Notice USN-281-1 May 04, 2006 linux-source-2.6.10, linux-source-2.6.12 vulnerabilities CVE-2006-0557, CVE-2006-1052, CVE-2006-1055, CVE-2006-1066, CVE-2006-1242, CVE-2006-1343, CVE-2006-1368, CVE-2006-1525...

10CVSS6.7AI score0.0601EPSS
Exploits0
NVD
NVD
added 2006/03/23 11:6 p.m.17 views

CVE-2006-1368

Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service kmalloc'd memory corruption via a remote NDIS response to OIDGENSUPPORTEDLIST, which causes memory to be allocated for the reply data but not the reply...

10CVSS6.4AI score0.0601EPSS
Exploits0References14
Cvelist
Cvelist
added 2006/03/23 11:0 p.m.30 views

CVE-2006-1368

Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service kmalloc'd memory corruption via a remote NDIS response to OIDGENSUPPORTEDLIST, which causes memory to be allocated for the reply data but not the reply...

6.3AI score0.0601EPSS
Exploits0References14
Rows per page
Query Builder