CVE-2020-12293

Improper control of a resource through its lifetime in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...

EUVD-2014-4425

Malware in sbrugna...

EUVD-2015-3714

Malware in sbrugna...

EUVD-2020-4601

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-27060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix NULL pointer dereference in tbportupdatecredits Olliver reported that his...

CVE-2025-38174 thunderbolt: Do not double dequeue a configuration request

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in tbcfgrequestdequeue: general protection fault, probably for non-canonical address 0xdead000000000122 CPU: 6 PID: 91007 Comm: kworker/6:2...

CVE-2025-38174

The CVE-2025-38174 issue is in the Linux kernel Thunderbolt path: tb_cfg_request_work/tb_cfg_request_dequeue can schedule the same configuration request twice, causing a double list_del on ctl->request_queue and a potential general protection fault (non-canonical address 0xdead000000000122). T...

CVE-2023-53050

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in margining Memory for the usb4-margining needs to be relased for the upstream port of the router as well, even though the debugfs directory gets released with the router device removal. Fix this...

CVE-2024-46702

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Mark XDomain as unplugged when router is removed I noticed that when we do discrete host router NVM upgrade and it gets hot-removed from the PCIe side as a result of NVM firmware authentication, if there is another...

CVE-2024-46702

CVE-2024-46702 (Linux kernel) relates to Thunderbolt: when a router is removed, the code previously blocked cleanup of XDomain paths due to tb_disconnect_xdomain_paths() racing with tb_stop() during host router NVM upgrade. The fix marks the XDomain as unplugged during removal, allowing tb_stop()...

Intel Thunderbolt Driver Advisory - Lenovo Support US

No description provided...

CVE-2024-27060

The CVE-2024-27060 issue affects the Linux kernel Thunderbolt driver, specifically a NULL pointer dereference in tb_port_update_credits() when handling Thunderbolt 1 devices with a single lane. The crash path traces to tb_port_do_update_credits and related hotplug/scan routines, leading to kernel...

PT-2025-18814 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel related to thunderbolt, specifically in the margining functionality for usb4. The memory for usb4-margining needs to be...

Intel Thunderbolt controller 资源管理错误漏洞

Intel Thunderbolt controller is a connector standard published by Intel Corporation that supports both copper and fiber optic media and is intended to be used as a common bus between computers and other devices. A resource management error vulnerability exists in IntelR ThunderboltTM controllers,...

CVE-2016-4780

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service NULL pointer dereference via a crafted app...