Lucene search
K

62 matches found

Cvelist
Cvelist
added 2025/03/27 4:43 p.m.12 views

CVE-2022-49755 usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race during ffsep0queuewait While performing fast composition switch, there is a possibility that the process of ffsep0write/ffsep0read get into a race condition due to ep0req being freed up from...

0.0022EPSS
Exploits0References7
OSV
OSV
added 2025/03/27 4:37 p.m.9 views

CVE-2023-52938 usb: typec: ucsi: Don't attempt to resume the ports before they exist

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Don't attempt to resume the ports before they exist This will fix null pointer dereference that was caused by the driver attempting to resume ports that were not yet registered...

5.5CVSS5.8AI score0.00197EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.8 views

The vulnerability of the Linux operating system’s kernel USB component, which allows a hacker to trigger a service failure

The vulnerability of the usbtmccreateurb function in the Linux kernel USB component is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure...

5.5CVSS6.6AI score0.00221EPSS
Exploits0References15Affected Software8
Debian CVE
Debian CVE
added 2025/02/26 2:10 a.m.7 views

CVE-2022-49302

In the Linux kernel, the following vulnerability has been resolved: USB: host: isp116x: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...

5.5CVSS5.6AI score0.00246EPSS
Exploits0
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix for the problem where the reference count of the platform device is checked during the error path. The probe function never performs any platform device allocation. Therefore, the error path...

7.8CVSS6.2AI score0.00259EPSS
Exploits0References3
NVD
NVD
added 2025/02/10 4:15 p.m.7 views

CVE-2025-21689

In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2processreadurb This patch addresses a null-ptr-deref in qt2processreadurb due to an incorrect bounds check in the following: if newport serial-numports deverr&port-dev, "%s - port...

5.5CVSS0.00201EPSS
Exploits0References10
OSV
OSV
added 2024/12/27 1:49 p.m.12 views

CVE-2024-53203 usb: typec: fix potential array underflow in ucsi_ccg_sync_control()

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS6.4AI score0.0024EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/11/07 9:31 a.m.27 views

CVE-2024-50150 usb: typec: altmode should keep reference to parent

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the...

0.00244EPSS
Exploits0References8
CVE
CVE
added 2024/10/09 2:49 p.m.142 views

CVE-2024-47671

The CVE-2024-47671 entry concerns a Linux kernel vulnerability in USBimp: usbtiusmb? The provided connected documents confirm a kernel-infoleak in USB: usbtmc, with the root cause described as a need to clear the data structure before filling fields in usbtmc_write. The fix/workaround is to preve...

5.5CVSS6.8AI score0.00221EPSS
Exploits0References10Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/09 2:49 p.m.18 views

CVE-2024-47671 USB: usbtmc: prevent kernel-usb-infoleak

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmcwrite, we need to clear the structure before filling fields...

6.8AI score0.00221EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/09/04 6:35 p.m.32 views

CVE-2024-44960 usb: gadget: core: Check for unset descriptor

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn't properly set up the endpoint for...

0.00232EPSS
Exploits0References8
CVE
CVE
added 2024/07/29 3:48 p.m.168 views

CVE-2024-41097

CVE-2024-41097 concerns the Linux kernel USB ATM cxacru driver. The issue stemmed from incomplete endpoint checking during cxacru_bind(), which could cause wrong endpoint types to be used when submitting URBs. The patch adds verification that required endpoint types are present for both IN and OU...

5.5CVSS6.5AI score0.00234EPSS
Exploits0References9Affected Software1
RedhatCVE
RedhatCVE
added 2024/06/18 11:18 p.m.28 views

CVE-2024-36977

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...

4.4CVSS7AI score0.00212EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/06/18 2:43 a.m.3 views

SUSE CVE-2024-38394

Mismatches in interpreting USB authorization policy between GNOME Settings Daemon GSD through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules and...

6.8CVSS6.6AI score0.00318EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/05/30 3:28 p.m.20 views

CVE-2024-36894 usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix race between aiocancel and AIO request complete FFS based applications can utilize the aiocancel callback to dequeue pending USB requests submitted to the UDC. There is a scenario where the FFS application...

6.8AI score0.00291EPSS
Exploits0References8
OSV
OSV
added 2024/05/21 3:15 p.m.3 views

DEBIAN-CVE-2021-47231

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: fix memory leak in mcbausb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS Analyzer Tool. The problem was in unfreed usbcoherent. In mcbausbstart 20 coherent buffers are allocated and there is...

5.5CVSS5.3AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/21 2:19 p.m.17 views

CVE-2021-47220

...

9.4AI score
Exploits0
CVE
CVE
added 2024/05/21 2:19 p.m.69 views

CVE-2021-47220

CVE-2021-47220 : This CVE ID is rejected and not an active vulnerability entry.

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.6 views

The vulnerability of the update_port_device_state() function in the Linux kernel USB driver allows a hacker to induce a service failure.

The vulnerability of the updateportdevicestate function in the drivers/usb/core/hub.c file of the Linux kernel’s USB driver relates to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.6CVSS6.4AI score0.00227EPSS
Exploits0References12Affected Software3
CVE
CVE
added 2024/05/01 5:17 a.m.142 views

CVE-2024-26932

Mode C: CVE-2024-26932 affects the Linux kernel USB Type-C tcpm path. The issue is a double-free of the same capabilitiy when unregistering PD capabilities in tcpm_port_unregister_pd(), where the first free occurs via pd_capabilities_release() and the second is explicit in tcpm_port_unregister_pd...

7.8CVSS6.7AI score0.00216EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder