CVE-2026-31727

A flaw was found in the Linux kernel's USB gadget subsystem, specifically within the uether module. A local user can exploit this vulnerability by using a userspace tool to query a USB gadget interface during a specific detached state. This action can trigger a NULL pointer dereference, potential...

EUVD-2026-26541

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix race between getherdisconnect and ethstop A race condition between getherdisconnect and ethstop leads to a NULL pointer dereference. Specifically, if ethstop is triggered concurrently while getherdisconne...

CVE-2026-31728

The CVE-2026-31728 issue in the Linux kernel affects usb: gadget: u_ether, where a race between gether_disconnect() and eth_stop() could dereference a cleared endpoint descriptor, causing a NULL pointer dereference and a potential hardlockup. The root cause is the delayed clearing of dev->port...

CVE-2026-31727 usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix NULL pointer deref in ethgetdrvinfo Commit ec35c1969650 "usb: gadget: fncm: Fix netdevice lifecycle with devicemove" reparents the gadget device to /sys/devices/virtual during unbind, clearing the gadget...

CVE-2026-31727

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix NULL pointer deref in ethgetdrvinfo Commit ec35c1969650 "usb: gadget: fncm: Fix netdevice lifecycle with devicemove" reparents the gadget device to /sys/devices/virtual during unbind, clearing the gadget...

CVE-2026-31727

The CVE affects the Linux kernel USB gadget subsystem, specifically u_ether, where a NULL pointer dereference could occur when a userspace tool queries a surviving interface during a detached window after unbind. The root cause is a missing NULL check for dev->gadget in eth_get_drvinfo(), lead...

CVE-2026-31727

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix NULL pointer deref in ethgetdrvinfo Commit ec35c1969650 "usb: gadget: fncm: Fix netdevice lifecycle with devicemove" reparents the gadget device to /sys/devices/virtual during unbind, clearing the gadget...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between gether disconnect and ethstop in uether. This vulnerability may lead to...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ethgetdrvinfo function in uether accessing a null pointer during device separation, potentially...

CVE-2024-27405 usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadgetgiveback has one byte appended at the end of a prop...