Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the parseiadarray function. An attacker can cause a denial of service by supplying a malformed USB descriptor with a crafted bLength value, leading to a one-byte out-of-bounds read when processing USB interface...

DEBIAN-CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

CVE-2026-47104 libusb < 1.0.30 Out-of-Bounds Read in parse_iad_array()

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

EUVD-2026-32500

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallbac...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001617 advisory. drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003376)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003376 advisory. drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have...

SUSE CVE-2025-40275

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...

CVE-2025-40275

A null pointer dereference was found in the USB audio driver in the Linux kernel. For UAC3 devices, sndusbmixercontrolsbadd does not check if usbifnumtoif returns NULL before dereferencing the result. A malicious USB device with crafted descriptors can trigger this crash...

EUVD-2025-201580

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...

CVE-2025-40275

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...

CVE-2025-40275 ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...

SUSE CVE-2017-16531

drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device, related to the USBDTINTERFACEASSOCIATION descriptor...

The vulnerability of the Linux operating system’s kernel allows a hacker to trigger a service failure or cause other adverse effects.

The vulnerability of the Linux operating system’s kernel drivers/usb/core/config.c arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure or other effects by using a specially crafted USB device tha...

DEBIAN-CVE-2017-16531

drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device, related to the USBDTINTERFACEASSOCIATION descriptor...

UBUNTU-CVE-2017-16531

drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device, related to the USBDTINTERFACEASSOCIATION descriptor...

PT-2017-3154 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.6 Description: The issue is caused by an out-of-bounds operation in memory within the Linux kernel, specifically in the drivers/usb/core/config.c file. This can be exploited by an attacker using a specially...