Lucene search
K

32 matches found

SUSE CVE
SUSE CVE
added 2026/05/11 2:13 p.m.23 views

SUSE CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

5.8AI score0.00132EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 3:16 p.m.5 views

UBUNTU-CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

7.1CVSS5.7AI score0.00132EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.11 views

CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

5.8AI score0.00132EPSS
Exploits0References9Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.8 views

SUSE CVE-2026-31623

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...

4.6CVSS5.3AI score0.00125EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31623

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array b...

5.5CVSS6AI score0.00125EPSS
Exploits0References2
NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31623

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...

5.5CVSS0.00125EPSS
Exploits0References9
CVE
CVE
added 2026/04/24 2:42 p.m.34 views

CVE-2026-31623

The CVE-2026-31623 issue affects the Linux kernel net: usb: cdc-phonet driver. A malicious USB device claiming to be a CDC Phonet modem can overflow the skb_shared_info->frags[] array by sending an unbounded sequence of full-page bulk transfers in rx_complete(). The consequence described is a ...

5.5CVSS5.3AI score0.00125EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/04/13 10:8 a.m.7 views

LSN-0119-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfsreftreemod after we successfully inserted the new ref entry local variable 'ref' into the respective block entry's rbtree local variable 'be', if we find an...

7.8CVSS6.2AI score0.00344EPSS
Exploits8References9
NVD
NVD
added 2026/04/03 4:16 p.m.5 views

CVE-2026-23447

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdcncmrxverifyndp32. The DPE array size is validated against the total skb length withou...

7.8CVSS0.00129EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/03 3:15 p.m.3 views

CVE-2026-23448

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP16 nframes bounds check cdcncmrxverifyndp16 validates that the NDP header and its DPE entries fit within the skb. The first check correctly accounts for ndpoffset: if ndpoffset + sizeofstruct...

5.9AI score0.00129EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/03 3:15 p.m.2 views

CVE-2026-23447

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdcncmrxverifyndp32. The DPE array size is validated against the total skb length withou...

5.7AI score0.00129EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/04/03 3:15 p.m.24 views

CVE-2026-23447 net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdcncmrxverifyndp32. The DPE array size is validated against the total skb length withou...

0.00129EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.7 views

PT-2026-30143

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the cdc ncm rx verify ndp16 function where the bounds check for NDP16 nframes omits the ndpoffset value. This allows the DPE entries to extend pas...

7.8CVSS5.9AI score0.00129EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000766)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000766 advisory. Double free vulnerability in drivers/net/usb/cdcncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service system crash ...

4.9CVSS6.5AI score0.00586EPSS
Exploits0References26
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003002)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003002 advisory. Double free vulnerability in drivers/net/usb/cdcncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service system crash ...

4.9CVSS6.5AI score0.00586EPSS
Exploits0References26
OSV
OSV
added 2025/10/02 7:10 p.m.11 views

CLSA-2025-1759432250 kernel: Fix of 36 CVEs

ASoC: topology: Clean up route loading CVE-2024-41069 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - Bluetooth: L2CAP: Fix not validating setsockopt user input CVE-2024-35965 - Bluetooth: L2CAP:...

7.8CVSS7.3AI score0.0788EPSS
Exploits16References1
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check the control transfer buffer size before accessing it. If the first fragment is shorter than struct usbcdcnotification, we cannot calculate the expectedsize. Instead, log an error and discard the notification...

7.8CVSS6.3AI score0.00328EPSS
Exploits1References3
Amazon
Amazon
added 2025/03/06 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommusvabinddevice CVE-2024-40945 In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfqlimitdepth CVE-2024-53166 In the Linux kernel, the...

7.8CVSS7.8AI score0.00328EPSS
Exploits1
OSV
OSV
added 2025/02/22 9:43 a.m.20 views

CVE-2025-21704 usb: cdc-acm: Check control transfer buffer size before access

In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check control transfer buffer size before access If the first fragment is shorter than struct usbcdcnotification, we can't calculate an expectedsize. Log an error and discard the notification instead of reading...

7.8CVSS6.4AI score0.00328EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2025/02/14 12:0 a.m.7 views

PT-2025-7541

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for this issue Description A memory corruption issue exists due to incorrect handling of control transfer buffer sizes in the usb: cdc-acm module. When the first fragment is...

7.8CVSS6.9AI score0.00328EPSS
Exploits1
Rows per page
Query Builder