Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a deadlock in the usbdeauthorizeinterface function. Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interfaceauthorizedstore function is the only one that acquires a device lock on an...

EUVD-2025-203757

In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...

Linux Distros Unpatched Vulnerability : CVE-2025-40314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget In the cdnspgadgetinit and cdnspgadgetexit functions, the gadget...

EUVD-2009-4038

Malware in sbrugna...

Vulnerability of the smsc75xx_bind() function in the drivers/net/usb/smsc75xx.c module – The driver for supporting USB network adapters in Linux kernels allows a hacker to gain access to protected information.

Vulnerability of the smsc75xxbind function in the drivers/net/usb/smsc75xx.c module – The Linux USB network adapter driver has vulnerabilities related to security configuration errors. Exploiting this vulnerability can allow attackers to gain access to protected information...

Advisory ROSA-SA-2025-2861

Software: kernel 4.18.0 OS: ROSA Virtualization 3.0 packageevrstring: kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2019-13631 BDU-ID: 2019-03626 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the parsehidreportdescriptor function of the Linux operating system kernel is related to writing outside buffer...

The vulnerability of the Linux operating system’s USB kernel component, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s USB kernel component is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s USB kernel component, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s USB kernel component is related to memory corruption. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s USB kernel component, which allows a hacker to increase their privileges within the system

The vulnerability of the Linux operating system’s USB kernel component relates to the operation of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

CVE-2025-1367

Summary of CVE-2025-1367 (MicroWord eScan Antivirus 7.0.32, Linux) : The USB Password Handler’s use of the C function sprintf is reported to cause a buffer overflow. Documents consistently describe this as a locally exploitable vulnerability, requiring local access to the system. Reported impact ...

The vulnerability of the Linux operating system’s USB kernel component, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s USB kernel component is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the ffs_func_eps_disable() function in the Linux operating system’s USB gadget driver allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ffsfuncepsdisable function in the drivers/usb/gadget/function/ffs.c file of the USB gadget driver in the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an...

USN-6831-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. CVE-2024-0841 Several security issues were discovered in the Linux kernel. An attacker...

kernel: Recursive locking violation in usb-storage that can cause the kernel to deadlock

An incorrect access control flaw was found in the Linux kernel USB core subsystem. When attaching a malicious usb device, the recursive locking violation in usb-storage can cause the kernel to deadlock. This issue could allow a local user to crash the system...

CVE-2009-4067

CVE-2009-4067 : A buffer overflow in the Auerswald Linux USB driver (function auerswald_probe ) for the Linux kernel is exploitable on kernel versions before 2.6.27. The vulnerability allows physically proximate attackers to execute arbitrary code, cause a denial of service, or take full control ...

CVE-2009-4067

Buffer overflow in the auerswaldprobe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system...