22 matches found
CVE-2026-50266
In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set deviceowner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECTMANAGER without...
SUSE CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
Linux Distros Unpatched Vulnerability : CVE-2023-54083
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the...
UBUNTU-CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
UBUNTU-CVE-2025-68311
In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...
RHEL 9 : kernel (RHSA-2025:15016)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15016 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: s390/ptrace: handle setting o...
Topaz Signature Pad as COM Port Device Disappears after Logoff
Topaz Signature will disappear after users log off on a kiosk workstation. The environment contained: Citrix Virtual Apps and Desktops version 2203 CUx Desktop of Server VDA, any supported OS Citrix Workspace App 2402 CUx Windows 10/Windows 11...
kernel: USB: core: Fix access violation during port device removal
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
CVE-2024-36896
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
CVE-2024-36896
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
CVE-2024-36896
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
CVE-2024-36896 USB: core: Fix access violation during port device removal
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
CVE-2024-36896 USB: core: Fix access violation during port device removal
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
UBUNTU-CVE-2024-26872
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport. This seems to be because an event handler is registered before the srpt devic...
DEBIAN-CVE-2024-26716
In the Linux kernel, the following vulnerability has been resolved: usb: core: Prevent null pointer dereference in updateportdevicestate Currently, the function updateportdevicestate gets the usbhub from udev-parent by calling usbhubtostructhub. However, in case the actconfig or the maxchild is 0...
PT-2024-3425 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a null pointer dereference in the update port device state function in the Linux kernel's USB core module. This occurs when the actconfig or maxchild is 0,...
PT-2025-53160
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Tegra xusb driver related to the handling of driver references within the usb-phy device. Specifically, when destroying a port device, the associated...
DEBIAN-CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...