11 matches found
EUVD-2026-28734
In the Linux kernel, the following vulnerability has been resolved: USB: core: Limit the length of unkillable synchronous timeouts The usbcontrolmsg, usbbulkmsg, and usbinterruptmsg APIs in usbcore allow unlimited timeout durations. And since they use uninterruptible waits, this leaves open the...
CVE-2026-43429
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usbbulkmsgkillable with user-specified timeouts The usbtmc driver accepts timeout values specified by the user in an ioctl command, and uses these timeouts for some usbbulkmsg calls. Since the user can specify...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the usbtmc driver to call usbbulkmsg with a timeout value specified by the user. This...
ROS-20260304-73-0028
A vulnerability in the usbbulkmsg function of the Linux kernel is related to incorrect resource initialization. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990545)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990545 advisory. In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987696)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987696 advisory. In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in...
kernel: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...
kernel: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...
DEBIAN-CVE-2021-47582
In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait with a user-specified timeout value. If timeout value is very large...
SUSE CVE-2023-52703
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...
PT-2023-35471 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.232 Description: The issue is related to the usb bulk msg function in the Linux Kernel. It is noted that the actual impact and attack plausibility have not yet been proven. The problem was introduced in...