CVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...

SUSE CVE-2023-53018

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix memory leaks When hcicmdsyncqueue failed in hcileterminatebig or hcilebigterminate, the memory pointed by variable d is not freed, which will cause memory leak. Add release process to error path...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7383-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7383-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7383-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

DEBIAN-CVE-2023-53018

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix memory leaks When hcicmdsyncqueue failed in hcileterminatebig or hcilebigterminate, the memory pointed by variable d is not freed, which will cause memory leak. Add release process to error path...

The vulnerability of the xhci kernel component in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the xhci core in the Linux operating system is related to incorrect validation of input data in the tegraxusbenterelpg function in drivers/usb/host/xhci-tegra.c. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the xhci kernel component in the Linux operating system allows a hacker to increase their privileges within the system.

The vulnerability of the xhci kernel component in Linux operating systems is related to errors that occur after release. Exploiting this vulnerability can allow an attacker to cause a service failure...

usb: xhci: Fix NULL pointer dereference on certain command aborts

...

The vulnerability of the HCI interface of Espressif ESP32 microcontroller software allows attackers to circumvent existing security restrictions.

The vulnerability of the HCI interface in Espressif ESP32 microcontroller software lies in the presence of undocumented configuration commands. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

Espressif ESP32 安全漏洞

Espressif ESP32 is a microcontroller from China Loxin Espressif. A security vulnerability exists in the Espressif ESP32 that stems from hidden HCI commands that may result in memory writes...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error CVE-2024-41098 In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow CVE-2024-43853 In the Linux...

Linux Distros Unpatched Vulnerability : CVE-2023-4010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usbgivebackurb function has a logic loophole in its implementation. Due to...

Linux Distros Unpatched Vulnerability : CVE-2023-52901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: xhci: Check endpoint is valid before dereferencing it When the host controller is not responding, all URBs queued to all endpoints need to be killed. This...

SUSE CVE-2022-49136

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix queuing commands when HCIUNREGISTER is set hcicmdsyncqueue shall return an error if HCIUNREGISTER flag has been set as that means hciunregisterdev has been called so it will likely cause a uaf after the...

SUSE CVE-2022-49139

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix null ptr deref on hcisyncconncompleteevt This event is just specified for SCO and eSCO link types. On the reception of a HCISynchronousConnectionComplete for a BDADDR of an existing LE connection, LE link type and ...

UBUNTU-CVE-2024-57981

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is late...

DEBIAN-CVE-2022-49713

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix memory leak in dwc2hcdinit usbcreatehcd will alloc memory for hcd, and we should call usbputhcd to free it when platformgetresource fails to prevent memory leak. goto error2 label instead error1 to fix this...

UBUNTU-CVE-2022-49470

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: fix use-after-free at btmtksdiorecvevent We should not access skb buffer data anymore after hcirecvframe was called. 39.634809 BUG: KASAN: use-after-free in btmtksdiorecvevent+0x1b0 39.634855 Read of size 1 ...

DEBIAN-CVE-2022-49138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Ignore multiple conn complete events When one of the three connection complete events is received multiple times for the same handle, the device is registered multiple times which leads to memory corruptions...

DEBIAN-CVE-2022-49111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hcisendacl This fixes the following trace caused by receiving HCIEVDISCONNPHYLINKCOMPLETE which does call hciconndel without first checking if conn-type is in fact AMPLINK and in case it is do...