183 matches found
USN-8200-3: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - GPU drivers; - I2C subsystem; - Network traffic control; CVE-2022-49046,...
CVE-2026-43421
A flaw was found in the Linux kernel's USB gadget function for Network Control Model NCM. During device disconnection, a network device could outlive its parent gadget device, leading to dangling system file system sysfs links and null pointer dereference problems. This vulnerability can result i...
EUVD-2026-28728
In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncmbind Commit 56a512a9b410 "usb: gadget: fncm: align netdevice lifecycle with bind/unbind" deferred the allocation of the netdevice. This change leads to a NULL pointer dereference in the legacy NCM...
CVE-2026-43422
In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncmbind Commit 56a512a9b410 "usb: gadget: fncm: align netdevice lifecycle with bind/unbind" deferred the allocation of the netdevice. This change leads to a NULL pointer dereference in the legacy NCM...
CVE-2026-43422
In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncmbind Commit 56a512a9b410 "usb: gadget: fncm: align netdevice lifecycle with bind/unbind" deferred the allocation of the netdevice. This change leads to a NULL pointer dereference in the legacy NCM...
CVE-2026-43423 usb: gadget: f_ncm: Fix atomic context locking issue
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix atomic context locking issue The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context. Remove the struct netdevice...
PT-2026-39083
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the legacy NCM driver within the gncm bind function. This issue arises because the driver attempts to access the net device before it is fully...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: usb: cdnsp: Fixed a deadlock issue in cdnspthreadirqhandler. The patch fixes the following critical issue caused by deadlock, which was detected during testing of the NCM class: - smp: csd: A non-responsive CSD lock 1 was...
Wireshark 2.2.x < 2.2.1 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.1 advisory. - In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture...
CVE-2026-31617
A flaw was found in the Linux kernel's USB Network Control Model NCM gadget driver. A malicious USB host could exploit an integer underflow vulnerability when processing Network Transfer Block NTB headers. This allows the host to manipulate internal data pointers, causing adjacent kernel memory t...
USN-8145-3 linux-gcp, linux-gcp-4.15, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...
CVE-2026-23447
A flaw was found in the USB CDC NCM Network Control Model driver in the Linux kernel. This vulnerability, a bounds-check bug, occurs when processing NCM Datagram Pointer NDP32 frames. It fails to correctly account for the ndpoffset, which can lead to out-of-bounds reads. This could result in...
SDN-SYN PoW: Intent-Aware Adaptive SDN Defense with PoW against Multi-Domain SYN Floods
The stability of Internet services is persistently challenged by the escalating scale of volumetric TCP SYN floods, as conventional defenses like SYN Cookies fail by exacerbating bandwidth depletion under modern attacks. This paper introduces SDN-SYN PoW, a novel defense architecture that...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992790)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992790 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixe...
EUVD-2025-203676
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: netcp: Standardize knavdmaopenchannel to return NULL on error Make knavdmaopenchannel consistently return NULL on error instead of ERRPTR. Currently the header include/linux/soc/ti/knavdma.h returns NULL when t...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989908)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989908 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: fix potential NULL ptr deref in ncmbitrate In Google internal bug 265639009...
USN-7811-1: Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; CVE-2025-38618, CVE-2025-38477, CVE-2025-38617...
CVE-2023-53667
In the Linux kernel, the following vulnerability has been resolved: net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets txmax to dwNtbOutMaxSize. This is then use...
EUVD-2012-5864
Malware in sbrugna...
EUVD-2014-1208
Malware in sbrugna...