Lucene search

601 matches found

SUSE CVE
added 2023/02/15 5:42 a.m. · 3 views

SUSE CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation...

CVSS 1.9 · AI score 5.9 · EPSS 0.00368
Exploits: 0 · References: 6
SUSE CVE
added 2023/02/15 5:40 a.m. · 2 views

SUSE CVE-2013-1574

The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malform...

CVSS 2.9 · AI score 7.4 · EPSS 0.00728
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 5:27 a.m. · 4 views

SUSE CVE-2014-5263

vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors...

CVSS 6.8 · AI score 7.2 · EPSS 0.01567
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 5:5 a.m. · 2 views

SUSE CVE-2016-2391

The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers...

CVSS 5 · AI score 7.4 · EPSS 0.004
Exploits: 0 · References: 16
SUSE CVE
added 2023/02/15 5:3 a.m. · 4 views

SUSE CVE-2016-4037

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558...

CVSS 6 · AI score 6.5 · EPSS 0.00447
Exploits: 0 · References: 16
SUSE CVE
added 2023/02/15 4:49 a.m. · 2 views

SUSE CVE-2017-5667

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length...

CVSS 6.5 · AI score 9 · EPSS 0.00443
Exploits: 0 · References: 7
SUSE CVE
added 2023/02/15 4:44 a.m. · 2 views

SUSE CVE-2017-9375

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing...

CVSS 3.8 · AI score 8.9 · EPSS 0.0043
Exploits: 0 · References: 9
SUSE CVE
added 2023/02/15 3:53 a.m. · 2 views

SUSE CVE-2020-25624

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver...

CVSS 5 · AI score 7.2 · EPSS 0.00573
Exploits: 1 · References: 19
SUSE CVE
added 2023/02/15 3:52 a.m. · 1 views

SUSE CVE-2020-27661

A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service...

CVSS 6.5 · AI score 7.1 · EPSS 0.00314
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 3:49 a.m. · 2 views

SUSE CVE-2021-3564

A flaw (double-free memory corruption) in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13...

CVSS 4.7 · AI score 6.3 · EPSS 0.00481
Exploits: 1 · References: 14
SUSE CVE
added 2023/02/15 3:30 a.m. · 3 views

SUSE CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport, respectively, if data_count == block_size. A malicious guest could use this flaw to crash the QEMU process on the host,...

CVSS 8.6 · AI score 8.3 · EPSS 0.00802
Exploits: 0 · References: 3
Positive Technologies
added 2023/01/31 12:0 a.m. · 3 views

PT-2023-34856 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.165 Description: The issue concerns the xhci component of the Linux Kernel, where an endpoint is not properly validated before being dereferenced. This could potentially lead to security vulnerabilities,...

AI score 7.4
Exploits: 0 · References: 1
OSV
added 2023/01/25 2:2 a.m. · 1 views

CVE-2023-0396

A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses...

CVSS 6.8 · AI score 5.8 · EPSS 0.00425
Exploits: 1 · References: 1
OSV
added 2023/01/25 2:1 a.m. · 2 views

CVE-2022-3806

Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer...

CVSS 9.8 · AI score 5.5 · EPSS 0.01006
Exploits: 1 · References: 1
Tenable Nessus
added 2023/01/23 12:0 a.m. · 37 views

RHEL 9 : kernel (RHSA-2023:0334)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0334 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: watch queue race condition can...

CVSS 7.8 · AI score 7.1 · EPSS 0.21314
Exploits: 1 · References: 16
Positive Technologies
added 2023/01/17 12:0 a.m. · 11 views

PT-2023-9427 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the xhci component in the Linux kernel, where a NULL pointer dereference can occur when the host controller is not responding, causing a kernel panic. This...

CVSS 8.8 · AI score 6.5 · EPSS 0.0193
Exploits: 16 · References: 1697
Positive Technologies
added 2023/01/01 12:0 a.m. · 2 views

PT-2025-37561

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak exists in the USB UHCI driver when using the debugfs lookup function. Failing to call dput on the result of debugfs lookup leads to a memory leak over time. The issue is...

AI score 6 · EPSS 0.00151
Exploits: 0 · References: 10
Positive Technologies
added 2023/01/01 12:0 a.m. · 6 views

PT-2025-49731

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to out-of-bound memory access within the xhci-dbc driver. Specifically, if the xdbc bulk write function fails, the buffer used by the xdbc trace...

CVSS 7.8 · AI score 6.8 · EPSS 0.00465
Exploits: 2 · References: 896
BDU FSTEC
added 2022/12/16 12:0 a.m. · 4 views

The vulnerability of the USB 2.0 (EHCI) controller in VMware ESXi, VMware Workstation, and VMware Fusion, as well as in the virtualization platform VMware Cloud Foundation, allows a perpetrator to execute arbitrary code.

The vulnerability of the USB 2.0 (EHCI) controller in VMware ESXi, VMware Workstation, and VMware Fusion, as well as in the virtualization platform VMware Cloud Foundation, relates to the ability to write beyond the buffer. Exploiting this vulnerability could allow an attacker to execute arbitrary...

CVSS 9.3 · AI score 8.1 · EPSS 0.01546
Exploits: 0 · References: 2 · Affected Software: 2
Tenable Nessus
added 2022/11/14 12:0 a.m. · 28 views

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-2767)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enabl...

CVSS 7.8 · AI score 7.5 · EPSS 0.12746
Exploits: 24 · References: 25