Lucene search
K

6310 matches found

Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53194

In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi105preparewritebuffer is called by the generic write path with the bulk-out buffer and its size bulkoutsize, 64 bytes. It stores a two-byte length header at the start of t...

7.8CVSS6AI score0.00148EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53195

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then copies le16tocpuimgheader-Length bytes into it without validating that...

7.8CVSS5.9AI score0.00153EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.31 views

CVE-2026-53194 USB: serial: kl5kusb105: fix bulk-out buffer overflow

In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi105preparewritebuffer is called by the generic write path with the bulk-out buffer and its size bulkoutsize, 64 bytes. It stores a two-byte length header at the start of t...

7.8CVSS0.00148EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52291

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap overflow exists in the build i2c fw hdr function. The function allocates a fixed-size buffer but copies a number of bytes determined by the Length variable from the firmware file...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52290

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab out-of-bounds write exists in the kl5kusb105 USB serial driver. The function klsi 105 prepare write buffer incorrectly handles the bulk-out buffer by storing a two-byte length...

7.8CVSS6.1AI score0.00148EPSS
Exploits0References25
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.4 views

PT-2026-52292

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap overflow exists in the get manuf info function. The issue occurs because the function reads a number of bytes specified by the Size field from a device I2C EEPROM into a buffer...

7CVSS6.1AI score0.00284EPSS
Exploits0References25
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.31 views

PT-2026-52590

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A length-confusion issue exists in the wolfSSL OCSP resp find status function. The lookup process compares serial-number bytes without verifying that the two serial numbers are of equal lengt...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38905

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix deadlock in hidpostreset You can build a USB device that includes a HID component and a storage or UAS component. The components can be reset only together. That means that hidprereset and hidpostreset are in the...

5.7AI score0.00176EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-52963

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...

0.00184EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:28 p.m.10 views

CVE-2026-52964

The CVE-2026-52964 issue affects the Linux kernel ALSA usb-audio MIDI 2.0 endpoint parsing. The endpoint-descriptor walking logic validates bLength against bNumGrpTrmBlock but not the remaining bytes, allowing a malformed device to cause baAssoGrpTrmBlkID[] reads to read past the descriptor. The ...

5.7AI score0.00175EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.7 views

CVE-2026-52963

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...

5.7AI score0.00184EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: Fixed a memory leak that occurred due to a failure in usbsubmiturb. In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, resulting in a memory leak. The...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: usb8dev: usb8devreadbulkcallback: fixed the URB memory leak. The memory leak was fixed in a similar manner to that in commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fixed the URB memory leak”. In usb8devopen -...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi – Fixed a double-free in the probe error path. The driver currently uses spiallochost to allocate the controller, but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fixed null pointer access to epfile after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear function called in ffsdatareset sets ffs-epfiles to NULL...

5.7AI score0.00175EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer in tegraqspicombinedseqxfer The currxfer field is read by the IRQ handler without holding a lock. This allows the IRQ handler to check whether a transfer is in progress. When clearing the...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fixed a memory leak in updateeth regs async When writing to the device registers asynchronously, and if usbsubmiturb fails, the code fails to release the resources allocated for this process...

5.5CVSS6.2AI score0.00149EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: USB: UAS – Fix for the URB unmapping issue when the UAS device is removed during ongoing data transfer When a UAS device is unplugged during data transfer, there is a possibility of a system panic occurring. The root cause is...

6.2AI score0.00193EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fixed a URB memory leak. The memory leak was fixed in a similar manner to the issue in commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fixed a URB memory leak”. In mcbausbprobe -...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in grub2

A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader improperly handles string conversions when reading information from a USB device, allowing an attacker to exploit inconsistencies in the length values. A local attacker can...

4.8CVSS5.2AI score0.00172EPSS
Exploits0References3
Rows per page
Query Builder