CVE-2026-43250 usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke()

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...

CVE-2025-40189 net: usb: lan78xx: Fix lost EEPROM read timeout error(-ETIMEDOUT) in lan78xx_read_raw_eeprom

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989129 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several...

AlmaLinux 8 : kernel-rt (ALSA-2025:18298)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18298 advisory. kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol...

EUVD-2017-0891

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986599 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platformgetresource It will cause...

CVE-2023-53551 usb: gadget: u_serial: Add null pointer check in gserial_resume

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Add null pointer check in gserialresume Consider a case where gserialdisconnect has already cleared gser-ioport. And if a wakeup interrupt triggers afterwards, gserialresume gets called, which will lead to...

Linux Distros Unpatched Vulnerability : CVE-2023-53410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - USB: ULPI: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time...

Linux Distros Unpatched Vulnerability : CVE-2021-47271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fix deadlock issue in cdnspthreadirqhandler Patch fixes the following critical...

Vulnerability of the dwc3_wIndex_to_dep() function in the drivers/usb/dwc3/ep0.c module – The USB device driver support module in the Linux kernel allows a hacker to trigger a service failure.

Vulnerability of the dwc3wIndextodep function in the drivers/usb/dwc3/ep0.c module – The Linux kernel’s USB device support driver relies on the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2022-49943

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udcmutex A recent commit expanding the scope of the udclock mutex in the gadget core managed to cause an obscure and slightly bizarre lockdep violation. In abbreviated form:...

CVE-2022-50133 usb: xhci_plat_remove: avoid NULL dereference

In the Linux kernel, the following vulnerability has been resolved: usb: xhciplatremove: avoid NULL dereference Since commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a "usb: host: xhci-plat: omit shared hcd if either root hub has no ports" xhci-sharedhcd can be NULL, which causes the following Oops...

CVE-2022-50034 usb: cdns3 fix use-after-free at workaround 2

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3 fix use-after-free at workaround 2 BUG: KFENCE: use-after-free read in listdelentryvalid+0x10/0xac cdns3wa2removeoldrequest ... kfreeprivreq-request.buf; cdns3gadgetepfreerequest&privep-endpoint, &privreq-request;...

CVE-2025-37811 usb: chipidea: ci_hdrc_imx: fix usbmisc handling

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the corresponding data-usbmiscdata to have a NULL value. Check that before dereferencing the pointer. Found by Linux...

CVE-2023-53045

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uaudio: don't let userspace block driver unbind In the unbind callback for fuac1 and fuac2, a call to sndcardfree via gaudiocleanup will disconnect the card and then wait for all resources to be released, which happe...

CVE-2025-21918

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

Vulnerability of the dsps_probe() function in the drivers/usb/musb/musb_dsps.c module – The driver for supporting USB devices in Linux kernels allows a hacker to cause a service failure.

Vulnerability of the dspsprobe function in the drivers/usb/musb/musbdsps.c module – The Linux kernel’s USB device support driver is vulnerable due to a pointer issue related to NULL pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...

Vulnerability of the ci_hdrc_imx_probe() function in the drivers/usb/chipidea/ci_hdrc_imx.c module – This driver provides support for USB devices on Linux kernels. It can be exploited by attackers to cause system failures.

Vulnerability of the cihdrcimxprobe function in the drivers/usb/chipidea/cihdrcimx.c module – The Linux kernel’s USB device support driver is vulnerable due to a pointer issue related to NULL pointers. Exploiting this vulnerability could allow an attacker to cause system failures...

CVE-2023-52938

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Don't attempt to resume the ports before they exist This will fix null pointer dereference that was caused by the driver attempting to resume ports that were not yet registered...

CVE-2022-49755

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race during ffsep0queuewait While performing fast composition switch, there is a possibility that the process of ffsep0write/ffsep0read get into a race condition due to ep0req being freed up from...