176 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: added a spinlock for the rndis response list. There is no lock for the rndis response list. This could lead to list corruption if two different listadd operations occur simultaneously, as described below. It’s...
Astra Linux - уязвимость в linux-5.10, linux
In rndisqueryoid in drivers/net/wireless/rndiswlan.c within the Linux kernel, from version 6.1.5 onwards, there is an integer overflow in a mathematical operation...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: The bind path has been refactored to use free. After a bind/unbind cycle, rndis-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If “BufOffset” is very large, the operation “BufOffset + 8” may lead to an integer overflow...
UBUNTU-CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of mutual exclusion protection for class/subclass/protocol options in USB Gadget FRNDIS...
Astra Linux - уязвимость в linux-5.15, linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: The secure rdrisquery check prevents integer overflow. The variables off and len, which are typed as uint32 in the rdrisquery function, are controlled by the incoming RNDIS response message. Therefore, their value...
CVE-2026-31722
In the Linux kernel, CVE-2026-31722 affects the USB gadget RNDIS function (f_rndis). The issue arises when the net_device is allocated during function instance creation and registered under the gadget device as its sysfs parent; during unbind, the parent is destroyed but the net_device can persis...
EUVD-2026-26535
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper lifecycle management of netdevice in frndis, potentially leading to suspended sysfs...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001682)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001682 advisory. An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDISMSGS...
Siemens Ruggedcom ROX Missing Lock Check (CVE-2022-48926)
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list. It could cause list corruption if there're two different listadd at the same time like below. It's better to add in rndisaddrespons...
UBUNTU-CVE-2023-54110
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: Secure rndisquery check against int overflow Variables off and len typed as uint32 in rndisquery function are controlled by incoming RNDIS response message thus their value may be manipulated. Setting off to a...
CVE-2023-54110
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: Secure rndisquery check against int overflow Variables off and len typed as uint32 in rndisquery function are controlled by incoming RNDIS response message thus their value may be manipulated. Setting off to a...
CVE-2023-54110
The CVE-2023-54110 issue is in the Linux kernel's usb rndis_host rndis_query path, where off and len (uint32) can be influenced by a received RNDIS response, enabling an out-of-bounds access and information leakage (e.g., via OID_802_3_PERMANENT_ADDRESS). Connected advisories (SUSE, EulerOS, Astr...
CVE-2023-54110 usb: rndis_host: Secure rndis_query check against int overflow
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: Secure rndisquery check against int overflow Variables off and len typed as uint32 in rndisquery function are controlled by incoming RNDIS response message thus their value may be manipulated. Setting off to a...
CVE-2023-54110 usb: rndis_host: Secure rndis_query check against int overflow
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: Secure rndisquery check against int overflow Variables off and len typed as uint32 in rndisquery function are controlled by incoming RNDIS response message thus their value may be manipulated. Setting off to a...
CVE-2022-50704
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the -pullup callback, or the hardware encounters a low probability fault...