Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with...

6.8CVSS6.2AI score0.00284EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:4 a.m.9 views

USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr()

...

7.8CVSS5.8AI score0.00153EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.7 views

SUSE CVE-2026-53196

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

6.8CVSS6AI score0.00284EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:27 a.m.9 views

CVE-2026-53195

A flaw was found in the USB: serial: ioti module of the Linux kernel. The buildi2cfwhdr function allocates a fixed-size buffer but copies data into it without properly validating the input length from the firmware header. This oversight allows an attacker to provide a crafted firmware image,...

7.8CVSS6.7AI score0.00153EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:6 p.m.4 views

CVE-2026-53196

A flaw was found in the Linux kernel's ioti USB serial driver. A malicious USB device, when plugged into a host running this driver, can exploit a heap overflow vulnerability in the getmanufinfo function. This occurs because the driver does not properly validate the size of data read from the...

6.8CVSS6.2AI score0.00284EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53196

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

6.8CVSS0.00284EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39287

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

6AI score0.00284EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.16 views

CVE-2026-53196

In the Linux kernel USB: serial: io_ti driver, CVE-2026-53196 describes a heap overflow in get_manuf_info() caused by reading rom_desc->Size bytes from an I2C EEPROM into a 10-byte buffer (kmalloc_obj()). Size is only checked against TI_MAX_I2C_SIZE (16384), allowing a malicious device to set ...

6.8CVSS6AI score0.00284EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53195 USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr()

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then copies le16tocpuimgheader-Length bytes into it without validating that...

7.8CVSS6AI score0.00153EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39286

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then copies le16tocpuimgheader-Length bytes into it without validating that...

6AI score0.00153EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.21 views

CVE-2026-53195

The CVE-2026-53195 issue affects the Linux kernel USB: serial: io_ti driver. build_i2c_fw_hdr() allocates a fixed buffer and copies img_header->Length (up to 65535) without validating it against remaining space, enabling a potential heap overflow. The root cause is that check_fw_sanity() valid...

7.8CVSS6AI score0.00153EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003073)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003073 advisory. In changeportsettings in drivers/usb/serial/ioti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial...

5.5CVSS6.4AI score0.0043EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003446)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003446 advisory. The edgebulkincallback function in drivers/usb/serial/ioti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information in the dmesg...

4.6CVSS6.2AI score0.0048EPSS
Exploits0References8
CVE
CVE
added 2019/01/31 9:0 a.m.193 views

CVE-2017-18360

CVE-2017-18360 affects the Linux kernel: in drivers/usb/serial/io_ti.c, change_port_settings before version 4.11.3 allows a local attacker to trigger a division-by-zero in the serial device layer when attempting to set very high baud rates, causing a denial of service. Public references (NVD entr...

5.5CVSS5.5AI score0.0043EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2018/10/30 12:31 p.m.13 views

kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service

A division-by-zero in settermios, when debugging is enabled, was found in the Linux kernel. When the ioti driver is loaded, a local unprivileged attacker can request incorrect high transfer speed in the changeportsettings in the drivers/usb/serial/ioti.c so that the divisor value becomes zero and...

5.5CVSS6.7AI score0.0043EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/30 10:4 a.m.8 views

kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service

A division-by-zero in settermios, when debugging is enabled, was found in the Linux kernel. When the ioti driver is loaded, a local unprivileged attacker can request incorrect high transfer speed in the changeportsettings in the drivers/usb/serial/ioti.c so that the divisor value becomes zero and...

5.5CVSS6.7AI score0.0043EPSS
Exploits0References4
NVD
NVD
added 2017/05/12 9:29 p.m.28 views

CVE-2017-8924

The edgebulkincallback function in drivers/usb/serial/ioti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information in the dmesg ringbuffer and syslog from uninitialized kernel memory by using a crafted USB device posing as an ioti USB serial device to trigger an...

4.6CVSS5.9AI score0.0048EPSS
Exploits0References5
OSV
OSV
added 2017/05/12 9:29 p.m.4 views

DEBIAN-CVE-2017-8924

The edgebulkincallback function in drivers/usb/serial/ioti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information in the dmesg ringbuffer and syslog from uninitialized kernel memory by using a crafted USB device posing as an ioti USB serial device to trigger an...

4.6CVSS6AI score0.0048EPSS
Exploits0References1
OSV
OSV
added 2017/05/12 12:0 a.m.4 views

UBUNTU-CVE-2017-8924

The edgebulkincallback function in drivers/usb/serial/ioti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information in the dmesg ringbuffer and syslog from uninitialized kernel memory by using a crafted USB device posing as an ioti USB serial device to trigger an...

4.6CVSS6.6AI score0.0048EPSS
Exploits0References9
Rows per page
Query Builder