41 matches found
CVE-2026-45923
In the Linux kernel, the following vulnerability has been resolved: net: usb: catc: enable basic endpoint checking catcprobe fills three URBs with hardcoded endpoint pipes without verifying the endpoint descriptors: - usbsndbulkpipeusbdev, 1 and usbrcvbulkpipeusbdev, 1 for TX/RX -...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: fix a memory leak for non-IP packets. Free the unused skb objects when no non-IP packets arrive...
PT-2026-30141
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where the aqc111 suspend function calls the PM variant of its write cmd routine, leading to a task hang during resume operations. Specifically, the issue...
kernel: net: usb: smsc75xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...
kernel: net: usb: smsc75xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...
kernel: net: usb: smsc75xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...
kernel: net: usb: smsc75xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...
Linux Distros Unpatched Vulnerability : CVE-2025-38736
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: Fix PHY address mask in MDIO bus initialization Syzbot reported...
CVE-2025-38725 net: usb: asix_devices: add phy_mask for ax88772 mdio bus
In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: add phymask for ax88772 mdio bus Without setting phymask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range from 0x00 0x1f. DLink DUB-E100 H/W Ver B1 is such ...
UBUNTU-CVE-2023-53068
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory content...
kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in smsc75xxreadreg The Linux kernel CVE team has assigned CVE-2023-52528 to this issue. Upstream advisory:...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic CVE-2024-42131 In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipcudpaddr2str on error CVE-2024-42284 In the Linu...
UBUNTU-CVE-2022-49051
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...
kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in smsc75xxreadreg The Linux kernel CVE team has assigned CVE-2023-52528 to this issue. Upstream advisory:...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12780)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12780 advisory. - VMCI: Fix use-after-free when removing resource in vmciresourceremove David Fernandez Gonzalez Orabug: 37037205 CVE-2024-46738 - exec: Fix ToCTo...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12782)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12782 advisory. - VMCI: Fix use-after-free when removing resource in vmciresourceremove David Fernandez Gonzalez Orabug: 37037205 CVE-2024-46738 - exec: Fix ToCTo...
kernel security update
5.14.0-427.37.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
kernel: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...
DEBIAN-CVE-2023-52703
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...
CVE-2023-52703
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...