23 matches found
EUVD-2025-14108
Malicious code in bioql PyPI...
MAL-2025-10515 Malicious code in @zalastax/nolb-_trb (npm)
The package @zalastax/nolb-_trb was found to contain malicious code...
CVE-2025-37882 usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling. The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event,...
CVE-2024-42226
Removed by vendor...
CVE-2024-42226
The initial CVE-2024-42226 entry is marked as Rejected in the description, but connected advisories reference the CVE with kernel fixes. In particular, SUSE advisory SUSE-SU-2024-4364-1 and SUSE-SU-2024-3983-1 (and related OSS/OpenVAS/Nessus entries) list CVE-2024-42226 in the kernel vulnerabilit...
CVE-2024-26659
A flaw was found in the Linux kernel related to the Extensible Host Controller Interface (xHCI) subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous (isoc) Babble and Buffer Overrun events. The vulnerability occurs because the xHC...
CVE-2024-26659
In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly. xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...
SUSE CVE-2020-14394
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service...
Denial Of Service (DoS)
QEMU is vulnerable to denial of service. The vulnerability exists due to an infinite loop in USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring...
CVE-2020-14394
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service...
GSD-2022-1001083 usb: cdnsp: fix cdnsp_decode_trb function to properly handle ret value
usb: cdnsp: fix cdnsp_decode_trb function to properly handle ret value. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...
CVE-2021-36146
ACRN before 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb pointer...
CVE-2020-14394
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerabili...
Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-4349-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4349-1 advisory. A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of...
Denial Of Service (DoS)
QEMU is vulnerable to denial of service (DoS) attacks. This occurs in the xhci_ring_fetch function in hw/usb/hcd-xhci.c, which allows local guest OS administrators to cause a denial of service condition by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process...
CVE-2016-8576
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process...