Astra Linux - уязвимость в linux, linux-5.10

A vulnerability was discovered in the drivers/usb/gadget/function/rndis.c file within the Linux kernel before version 5.16.10. The RNDIS USB gadget does not include validation for the size of the RNDISMSGSET command. Attackers can obtain sensitive information from the kernel memory...

CVE-2026-43342

A flaw was found in the Linux kernel's USB gadget RNDIS Remote Network Driver Interface Specification function. This vulnerability arises from race conditions when RNDIS options are accessed concurrently through configfs, a file system that allows user-space programs to create and manage kernel...

EUVD-2026-28626

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...

CVE-2026-43342

CVE-2026-43342 concerns the Linux kernel USB gadget RNDIS driver (f_rndis). The issue arises from race conditions when RNDIS options (class/subclass/protocol) are accessed concurrently via configfs, enabling unsafe concurrent access. The remediation implemented is to protect these options using a...

PT-2026-38993

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the USB gadget RNDIS driver where class, subclass, and protocol options can be accessed concurrently through configfs. This issue was discovered during code...

CVE-2026-31722

A flaw was found in the Linux kernel's USB gadget RNDIS Remote Network Driver Interface Specification function. During the unbinding process of a USB gadget device, the associated network device netdevice may not be correctly reparented, resulting in dangling symbolic links within the system's...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011142 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: Secure rndisquery check against int overflow Variables off and len typed as uint3...

CVE-2025-40095

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor bind path to use free After an bind/unbind cycle, the rndis-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

DEBIAN-CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel versions prior to 5.16.10 have a security vulnerability that stems from the lack of RNDIS USB validation of the size of the RNDIS MSG SET command. An attacker could exploit this vulnerabilit...

UBUNTU-CVE-2021-3861

The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions = v2.6.0 contain Heap-based Buffer Overflow CWE-122. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj...

Binary Vulnerability in Windows rndis 5.1 Driver

rndis is the remote network driver interface protocol for W10 systems. A binary vulnerability exists in the Windows rndis 5.1 driver, which can be exploited by attackers to cause a denial-of-service attack...

Binary vulnerability in Windows rndis 6.0 driver (CNVD-2020-56099)

rndis is the remote network driver interface protocol for W10 systems. A binary vulnerability exists in the Windows rndis 6.0 driver, which can be exploited by attackers to cause a denial of service...

Binary vulnerability in Windows rndis 5.1 driver (CNVD-2020-56101)

rndis is the remote network driver interface protocol for W10 systems. A binary vulnerability exists in the Windows rndis 5.1 driver, which can be exploited by attackers to cause a denial-of-service attack...