Lucene search
K

87 matches found

SUSE Linux
SUSE Linux
added 2026/06/12 1:52 p.m.9 views

Security update for qemu

This update for qemu fixes the following issues: CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files bsc1258509. CVE-2026-3195: heap buffer overflow when reading input audio in the virtio-snd device inp...

8.8CVSS7.4AI score0.00126EPSS
Exploits1References18
SUSE CVE
SUSE CVE
added 2026/06/10 2:28 a.m.9 views

SUSE CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS5.5AI score0.00309EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:8 a.m.7 views

usb: usblp: fix heap leak in IEEE 1284 device ID via short response

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:7 a.m.8 views

usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl

...

5.5CVSS5.4AI score0.00128EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.16 views

SUSE CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

6.3CVSS5.8AI score0.00123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-46151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual...

5.5CVSS6.1AI score0.00123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-46167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg retur...

5.5CVSS6.2AI score0.00128EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 6:37 p.m.15 views

CVE-2026-46151

A flaw was found in the Linux kernel's USB printer usblp driver. A malicious USB printer can exploit a heap leak vulnerability by sending a truncated device ID response. This can lead to the disclosure of up to 1021 bytes of uninitialized kernel memory, potentially exposing sensitive information ...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.19 views

CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.6 views

UBUNTU-CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.11 views

UBUNTU-CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.5 views

UBUNTU-CVE-2026-46155

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...

9.1CVSS5.7AI score0.00478EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.31 views

CVE-2026-46167 usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

0.00128EPSS
Exploits0References8
CVE
CVE
added 2026/05/28 9:36 a.m.35 views

CVE-2026-46167

CVE-2026-46167 – Linux kernel usb/usblp heap leak : The vulnerability stems from an uninitialized status buffer (statusbuf) allocated at probe time for LPGETSTATUS. If a malicious printer returns zero bytes, a stale 8-byte heap region could be copied to userspace via LPGETSTATUS, causing a heap l...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS5.8AI score0.00128EPSS
Exploits0
EUVD
EUVD
added 2026/05/28 9:36 a.m.10 views

EUVD-2026-32778

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

5.8AI score0.00123EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.12 views

CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

5.8AI score0.00123EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.34 views

CVE-2026-46151 usb: usblp: fix heap leak in IEEE 1284 device ID via short response

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/28 9:36 a.m.30 views

CVE-2026-46151

CVE-2026-46151 affects the Linux kernel USB printer driver usblp, causing a heap leak in IEEE 1284 device ID handling due to short GET_DEVICE_ID responses. The issue stems from usblp_ctrl_msg() discarding actual bytes and usblp_cache_device_id_string() trusting a 2‑byte length prefix, exposing st...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder