24 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe, include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0,...
CVE-2026-43375 net: mctp: fix device leak on probe failure
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
EUVD-2026-26510
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003719)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003719 advisory. An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003721)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003721 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003891)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003891 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003736)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003736 advisory. An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb....
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004283)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004283 advisory. In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001281)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001281 advisory. The usbnetgenericcdcbind function in drivers/net/usb/cdcether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004135)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004135 advisory. In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004776)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004776 advisory. An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003409)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003409 advisory. drivers/net/usb/asixdevices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possib...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001648)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001648 advisory. The parsehidreportdescriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service out-of-bounds...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000472)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000472 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986990)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986990 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB aud...
udisks2: insecure defaults in user-accessible mount helpers allow for a DoS
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability...
CVE-2020-9804
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.5. Inserting a USB device that sends invalid messages may cause a kernel panic...
DEBIAN-CVE-2019-19528
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d...
UBUNTU-CVE-2019-15219
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver...
PT-2017-3151 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.6 Description: The issue is related to the cdc parse cdc header function in drivers/usb/core/message.c, which allows local users to cause a denial of service, including out-of-bounds read and system crash, ...