Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Revert “usb: typec: ucsi: add a common function ucsiunregisterconnectors”. The recent commit 87d0e2f41b8c “usb: typec: ucsi: add a common function ucsiunregisterconnectors” introduced a regression that caused NULL dereferencing...

OPENSUSE-SU-2026:20912-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: ucsiacpi: The command completion timeout has been increased. The commit 130a96d698d7 “usb: typec: ucsi: acpi: Increase command completion timeout value” increased the timeout from 5 seconds to 60 seconds due to issues relate...

CVE-2026-31729

A flaw was found in the Linux kernel's USB Type-C Unified Connector and Switch Interface UCSI module. A malicious or malfunctioning USB Type-C device could report an out-of-range connector number in the Configuration and Capability Information CCI. This could lead to an out-of-bounds array access...

CVE-2026-31729

CVE-2026-31729 affects the Linux kernel USB Type-C Unified Connector and Switch Interface (UCSI) path. A malicious or malfunctioning USB‑C device can report an out‑of‑range connector number in the CCI, which is used to index ucsi_connector_change(); the underlying array is allocated for the devic...

ROS-20260203-73-0046

A vulnerability in the ucsi/displayport.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to compromise data integrity and also cause a denial of service...

ROS-20260203-73-0033

A vulnerability in the drivers/usb/typec/ucsi/ components of the Linux operating system kernel is related to thread locking errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260128-73-0017

A vulnerability in the ucsiconnectorchange function of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37994)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37994 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37967)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37967 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix...

usb: typec: ucsi: Handle incorrect num_connectors capability

...

SUSE CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

Linux Distros Unpatched Vulnerability : CVE-2025-71108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should ...

CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

UBUNTU-CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

CVE-2025-71108 usb: typec: ucsi: Handle incorrect num_connectors capability

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

CVE-2025-71108 usb: typec: ucsi: Handle incorrect num_connectors capability

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993045)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993045 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fix NULL pointer deref in ucsiconnectorchange When ucsiinit fails, ucsi-connector is...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992337 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fix NULL pointer deref in ucsiconnectorchange When ucsiinit fails, ucsi-connector is...

CVE-2025-68323

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: fix use-after-free caused by uec-work The delayed work uec-work is scheduled in gaokunucsiprobe but never properly canceled in gaokunucsiremove. This creates use-after-free scenarios where the ucsi and gaokunucs...