Lucene search
+L

14 matches found

astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba This issue was discovered by Atuin – the Automated Vulnerability Discovery Engine. newpba is derived from the status packet returned after each write operation. A malicious device...

6AI score0.00171EPSS
Exploits0References3
nessus
nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012979)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012979 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability...

5.9AI score0.00171EPSS
Exploits0References4
mscve
mscve
added 2025/12/14 10:2 p.m.13 views

usb: storage: sddr55: Reject out-of-bound new_pba

...

7.3CVSS6.7AI score0.00171EPSS
Exploits0
susecve
susecve
added 2025/12/14 12:25 a.m.6 views

SUSE CVE-2025-40345

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned after each write. A bogus device could report values beyond the block...

6.8CVSS6.5AI score0.00171EPSS
Exploits0References22
nvd
nvd
added 2025/12/12 6:15 p.m.6 views

CVE-2025-40345

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned after each write. A bogus device could report values beyond the block...

0.00171EPSS
Exploits0References8
osv
osv
added 2025/12/12 6:15 p.m.13 views

AZL-72332 CVE-2025-40345 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned after each write. A bogus device could report values beyond the block...

5.9AI score0.00171EPSS
Exploits0References1
osv
osv
added 2025/12/12 6:15 p.m.6 views

UBUNTU-CVE-2025-40345

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned after each write. A bogus device could report values beyond the block...

5.7AI score0.00171EPSS
Exploits0References36
debiancve
debiancve
added 2025/12/12 5:53 p.m.3 views

CVE-2025-40345

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned after each write. A bogus device could report values beyond the block...

5.3AI score0.00171EPSS
Exploits0
cve
cve
added 2025/12/12 5:53 p.m.19 views

CVE-2025-40345

CVE-2025-40345 affects Linux kernel USB storage for the sddr55, where new_pba values from the status packet could exceed the computed block count, causing the driver to walk past pba_to_lba[] and corrupt heap memory. The fix rejects PBAs that exceed the block count and fails the transfer to avoid...

6.1AI score0.00171EPSS
Exploits0References8
cvelist
cvelist
added 2025/12/12 5:53 p.m.37 views

CVE-2025-40345 usb: storage: sddr55: Reject out-of-bound new_pba

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned after each write. A bogus device could report values beyond the block...

0.00171EPSS
Exploits0References7
osv
osv
added 2025/12/12 5:53 p.m.5 views

CVE-2025-40345 usb: storage: sddr55: Reject out-of-bound new_pba

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned after each write. A bogus device could report values beyond the block...

6.3AI score0.00171EPSS
Exploits0References11
cnnvd
cnnvd
added 2025/12/12 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the sddr55 driver rejecting an out-of-range newpba, which could lead to heap memory corruption...

6.1AI score0.00171EPSS
Exploits0References7
nessus
nessus
added 2025/12/12 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-40345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned...

6.5AI score0.00171EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/11/21 12:0 a.m.8 views

PT-2025-50962

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel USB storage SDDR55 driver contains a flaw where out-of-bound new pba values can be accepted from a malicious device. This occurs because the driver does not properly...

7.2CVSS6.3AI score0.00171EPSS
Exploits0
Rows per page
Query Builder