kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

A flaw was discovered in the Bluetooth subsystem of the Linux kernel. When processing a HCIEVNUMCOMPPKTS event, the function hciconntxdequeue did not properly hold or release the hdev device lock, which may lead to a use-after-free of the connection structure...

kernel: Linux kernel: Denial of Service in Bluetooth HCI UART driver via null pointer dereference

A flaw was found in the Linux kernel's Bluetooth HCI UART driver. A race condition exists where the hciuartwritework function may attempt to access uninitialized private data if a TTY write wakeup occurs during the protocol initialization phase. This can lead to a NULL pointer dereference,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990523 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990130)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990130 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: cancel all works upon hciunregisterdev syzbot is reporting that calling...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989065)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989065 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990010)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990010 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989822)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989822 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check endpoint is valid before dereferencing it When the host controller is not...

CVE-2025-40076

The CVE-2025-40076 entry describes a Linux kernel PCI issue in the rcar-host driver where the MSI parent IRQ domain could be NULL due to how irq_domain_info is passed during a transition to msi_create_parent_irq_domain(). This could cause a NULL pointer dereference in generic_handle_domain_irq() ...

EUVD-2023-60010

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpubuffer during resize process When ringbufferswapcpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will...

UBUNTU-CVE-2025-39983

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

SUSE CVE-2022-50544

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

CVE-2022-50544 usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

EUVD-2025-32811

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

CVE-2022-50544

In CVE-2022-50544, the Linux kernel USB host xHCI code (xhci_alloc_stream_info) allocates a stream_ctx_array via xhci_alloc_stream_ctx and fails to free stream_info->stream_ctx_array on certain error paths, causing a memory leak. The documented fix releases stream_info->stream_ctx_array wit...

EUVD-2020-20168

Malware in sbrugna...

EUVD-2020-18301

Malware in sbrugna...

EUVD-2013-5006

Malware in sbrugna...

EUVD-2020-2071

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987359 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hcisendacl This fixes the following trace caused by receiving...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987175)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987175 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix use-after-free in l2capconndel When l2caprecvframe is invoked to receive...