22 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: xHCI: Properly handling isoc Babble and Buffer Overrun events. xHCI 4.9 explicitly prohibits making assumptions that the xHC has released its ownership of a multi-TRB TD when an error occurs in one of the early TRBs. However,...
EUVD-2016-5043
Malware in sbrugna...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-984807)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984807 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don’t skip on “Stopped – Length Invalid” events. Until the commit d56b0b2ab142 “usb: xhci: ensure skipped isochronous TDs are returned when the isochronous ring is stopped” in v6.11, the driver did not skip missed...
DEBIAN-CVE-2025-22023
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 "usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped" in v6.11, the driver didn't skip missed isochronous TDs when handling...
CVE-2025-22022
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 one with start/stop bug, one without were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...
CVE-2025-22023 usb: xhci: Don't skip on Stopped - Length Invalid
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 "usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped" in v6.11, the driver didn't skip missed isochronous TDs when handling...
CVE-2025-22023 usb: xhci: Don't skip on Stopped - Length Invalid
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 "usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped" in v6.11, the driver didn't skip missed isochronous TDs when handling...
UBUNTU-CVE-2024-26659
In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...
SUSE CVE-2015-8558
The ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular isochronous transfer descriptor iTD list...
CVE-2016-4037
The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...
DEBIAN-CVE-2016-4037
The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...
CVE-2015-8558
The ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular isochronous transfer descriptor iTD list...
CVE-2016-4037
The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...
CVE-2016-4037
The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...
CVE-2015-8558
The ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular isochronous transfer descriptor iTD list...
CVE-2015-8558
CVE-2015-8558 is a QEMU USB EHCI emulation flaw in ehci_process_itd that can cause an infinite loop and CPU DoS when a circular iTD list is processed. A privileged guest user could exploit this locally. Debian security advisory DSA-3471-1 notes a fix in qemu for Jessie: upgrade to 1:2.1+dfsg-12+d...
CVE-2015-8558
The ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular isochronous transfer descriptor iTD list...
CVE-2016-4037
The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...
FreeBSD : qemu -- denial of service vulnerability in USB EHCI emulation support (60cb2055-b1b8-11e5-9728-002590263bf5)
Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the USB EHCI emulation support is vulnerable to an infinite loop issue. It occurs during communication between host controller interfaceEHCI and a respective device driver. These two communicate via a isochronous...