Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘usb: typec: ucsi: add a common function ucsiunregisterconnectors’” The recent commit 87d0e2f41b8c “usb: typec: ucsi: add a common function ucsiunregisterconnectors” introduced a regression that caused NULL dereferencing...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix deadlock This patch introduces the ucsiconmutexlock / ucsiconmutexunlock functions to the UCSI driver. ucsiconmutexlock ensures the connector mutex is only locked if a connection is established...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: ucsiacpi: Increase the command completion timeout Commit 130a96d698d7 "usb: typec: ucsi: acpi: Increase command completion timeout value" increased the timeout from 5 seconds to 60 seconds due to issues related to alternate...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fixed a null pointer dereference in the trace function. ucsiregisteraltmode checks if ISERR is true for the alt pointer and treats NULL as valid. When CONFIGTYPECDPALTMODE is not enabled, ucsiregisterdisplayport...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

CVE-2026-31729

A flaw was found in the Linux kernel's USB Type-C Unified Connector and Switch Interface UCSI module. A malicious or malfunctioning USB Type-C device could report an out-of-range connector number in the Configuration and Capability Information CCI. This could lead to an out-of-bounds array access...

CVE-2026-31729

CVE-2026-31729 affects the Linux kernel USB Type-C Unified Connector and Switch Interface (UCSI) path. A malicious or malfunctioning USB‑C device can report an out‑of‑range connector number in the CCI, which is used to index ucsi_connector_change(); the underlying array is allocated for the devic...

ROS-20260203-73-0033

A vulnerability in the drivers/usb/typec/ucsi/ components of the Linux operating system kernel is related to thread locking errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260203-73-0046

A vulnerability in the ucsi/displayport.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to compromise data integrity and also cause a denial of service...

ROS-20260128-73-0017

A vulnerability in the ucsiconnectorchange function of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37967)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37967 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37994)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37994 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL...

usb: typec: ucsi: Handle incorrect num_connectors capability

...

SUSE CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

Linux Distros Unpatched Vulnerability : CVE-2025-71108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should ...

CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

UBUNTU-CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

CVE-2025-71108 usb: typec: ucsi: Handle incorrect num_connectors capability

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993045)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993045 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fix NULL pointer deref in ucsiconnectorchange When ucsiinit fails, ucsi-connector is...