137 matches found
Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014338)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014338 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup When calling debugfslookup the...
CVE-2026-31615
A flaw was found in the Linux kernel's renesasusb3 and aspeedudc drivers. These drivers did not properly validate endpoint index numbers provided by a host during standard USB requests, such as GETSTATUS and SET/CLEARFEATURE. This oversight could allow an attacker to provide a crafted endpoint...
The vulnerability of the usb_udc_uevent() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the usbudcuevent function in the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
ROS-20260121-73-0014
A vulnerability in the drivers/usb/gadget/udc/core.c component of the Linux kernel is related to memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001685)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001685 advisory. In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array...
ROS-20260113-7316
Vulnerability of astudcgetstatus function in drivers/usb/gadget/udc/aspeedudc.c module of usb gadget driver of Linux kernel is related to incorrect index calculation. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...
Siemens Ruggedcom ROX Improper Validation of Array Index (CVE-2022-27223)
In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000455)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000455 advisory. gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal...
CVE-2025-54957
An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evopriv.c from the DD+ bitstream, the decoder writes that data into a buffer. The length calculation for a write can...
CVE-2025-54957
An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evopriv.c from the DD+ bitstream, the decoder writes that data into a buffer. The length calculation for a write can...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414432)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414432 advisory. In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414552)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414552 advisory. In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986821)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986821 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xxudc: Fix refcount leak in lpc32xxudcprobe ofparsephandle returns a node point...
EUVD-2022-55260
Malicious code in bioql PyPI...
SUSE CVE-2023-53407
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: pxa27xudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremov...
SUSE CVE-2023-53412
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: bcm63xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...
CVE-2023-53418
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...
CVE-2023-53412
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: bcm63xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...
CVE-2023-53406
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: pxa25xudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremov...
CVE-2023-53418
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...