26 matches found
CVE-2026-43375 net: mctp: fix device leak on probe failure
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
EUVD-2026-26510
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001281)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001281 advisory. The usbnetgenericcdcbind function in drivers/net/usb/cdcether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004776)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004776 advisory. An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003719)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003719 advisory. An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003721)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003721 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003891)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003891 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004135)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004135 advisory. In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003736)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003736 advisory. An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb....
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004283)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004283 advisory. In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003409)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003409 advisory. drivers/net/usb/asixdevices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possib...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001648)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001648 advisory. The parsehidreportdescriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service out-of-bounds...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000472)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000472 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986990)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986990 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB aud...
The vulnerability of the HID subsystem (drivers/hid/hid-core.c) in the Linux kernel allows a attacker to cause an application to crash or increase their privileges.
The vulnerability of the HID subsystem drivers/hid/hid-core.c in the Linux kernel is related to memory corruption caused by a user using a malicious USB device. Exploiting this vulnerability can allow an attacker to cause an application to crash or increase their privileges...
udisks2: insecure defaults in user-accessible mount helpers allow for a DoS
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability...
CVE-2021-3802
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability...
CVE-2020-9804
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.5. Inserting a USB device that sends invalid messages may cause a kernel panic...
DEBIAN-CVE-2019-19528
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d...