Lucene search
K

6 matches found

CVE
CVE
added 2026/04/24 2:42 p.m.14 views

CVE-2026-31617

CVE-2026-31617 in the Linux kernel Usb Gadget CDC-NCM path (f_ncm) allowed a host to supply a too-small NTB block_len, triggering an underflow in block_len - ndp_size/dpe_size checks and enabling memory exposure during skb_copy. The fix clamps block_len to only those values that can hold the NTB ...

7CVSS5.3AI score0.00129EPSS
Exploits0References12Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 2:42 p.m.5 views

CVE-2026-31617

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

7CVSS5.2AI score0.00129EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-34969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ncm unwrap ntb function where the block len read from the host-supplied NTB header lacks a lower bound check. When block len is smaller than opts-ndp size, the...

8.8CVSS5.1AI score0.00435EPSS
Exploits0References156
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the minimum block len in the ncmunwrapntb function. This vulnerabilit...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References2
OSV
OSV
added 2024/06/21 12:38 p.m.6 views

CLSA-2024-1718973513 Fix of 21 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero CVE-url: https://ubuntu.com/security/CVE-2021-47542 - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic83xxaddrings CVE-url: https://ubuntu.com/security/CVE-2021-47518 - nfc: fix...

7.8CVSS6.5AI score0.01287EPSS
Exploits0References1
OSV
OSV
added 2024/05/17 11:40 a.m.21 views

CVE-2024-27405 usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadgetgiveback has one byte appended at the end of a prop...

7.5CVSS5.9AI score0.01287EPSS
Exploits0References13
Rows per page
Query Builder