Linux Distros Unpatched Vulnerability : CVE-2026-43170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core...

Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002353 fixes several issues. The following security issues were fixed: CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685. CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. CVE-2025-38498:...

CVE-2025-21838

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal devicedel can lead to new work being scheduled in gadget-work workqueue. This is observed, for example, with the dwc3 driver with the following call stack: devicedel...

The vulnerability of the Linux operating system’s kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel component, “gadget”, is related to an error in memory management after freeing memory due to the failure to configure “udc→dev.driver”. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the __dwc3_stop_active_transfer() function in the DesignWare USB3 driver for Linux operating systems allows a hacker to compromise the accessibility of protected information.

The vulnerability of the dwc3stopactivetransfer function in the drivers/usb/dwc3/gadget.c file of the DesignWare USB3 driver for the Linux operating system is related to concurrent access to resources race conditions. Exploiting this vulnerability could allow a attacker to compromise the...

CVE-2024-27405 usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadgetgiveback has one byte appended at the end of a prop...

Intel Power Gadget 安全漏洞

Intel Power Gadget is a software-based power consumption monitoring tool for Intel Core processors from Intel Corporation USA. A security vulnerability exists in Intel Power Gadget that stems from an improper initialization issue. It could allow an authenticated user to conduct a denial of servic...

The vulnerability of the Chat gadget component of the UWF Agent Desktop software for multi-channel contact centers allows a hacker to perform cross-site scripting attacks.

The vulnerability of the Chat Gadget component of the UWF Agent Desktop software for multi-channel contact centers in the Upstream Works on Finesse environment is related to the lack of protective measures taken when creating links for downloading additional files. Exploiting this vulnerability...

Spectre V1 Gadget in do_prlimit in the Linux Kernel

...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2018-20827

The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the country parameter...