Lucene search
K

4 matches found

OSV
OSV
added 2025/10/30 10:15 a.m.3 views

UBUNTU-CVE-2025-40095

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor bind path to use free After an bind/unbind cycle, the rndis-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

5.7AI score0.00183EPSS
Exploits0References23
RedhatCVE
RedhatCVE
added 2024/08/22 6:56 p.m.13 views

CVE-2022-48926

A vulnerability found in the Linux kernel’s USB gadget in the RNDIS subsystem was resolved by adding a spinlock to protect the RNDIS response list. The lack of synchronization previously allowed concurrent listadd operations, leading to list corruption and potential crashes. Mitigation Mitigation...

7.8CVSS7.3AI score0.00219EPSS
Exploits0References4
OSV
OSV
added 2024/08/22 3:31 a.m.15 views

CVE-2022-48926 usb: gadget: rndis: add spinlock for rndis response list

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list. It could cause list corruption if there're two different listadd at the same time like below. It's better to add in rndisaddrespons...

7.8CVSS5.7AI score0.00219EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2024/07/16 12:25 p.m.18 views

CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

7.8CVSS5.8AI score0.00255EPSS
Exploits0
Rows per page
Query Builder