33 matches found
EUVD-2026-32377
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
CVE-2026-45911
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
UBUNTU-CVE-2026-45911
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: usb: cdns3 – Fix for use-after-free at workaround 2 BUG: KFENCE – Use-after-free during read operation in listdelentryvalid+0x10/0xac The code snippet cdns3wa2removeoldrequest includes the following steps: c...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fixed a memory double-free issue when handling zero-length packets. 829: If request-complete, then: 830 spinunlock&privdev-lock; 831 usbgadgetgivebackrequest&privep-endpoint, 832 request; 833 spinlock&privdev-lock; 83...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: The part of the cdns set that activates the state should be placed outside the spin lock. The device may be scheduled during the resume process; therefore, this issue cannot occur in atomic operations. Since...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fixed deadlock issues when using the NCM gadget. The cdns3 driver experiences the same NCM-related deadlock issues that were fixed in cdnsp with the commit 58f2fcb3a845 „usb: cdnsp: Fixed deadlock issues during use of...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix for a random warning message when loading drivers Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an inconsistent state of the usb cdns3 gadget driver upon initialization failure, which could lead to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993039)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993039 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'privep' assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992595 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'privep' assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If...
EUVD-2022-55416
Malicious code in bioql PyPI...
EUVD-2022-55305
Malicious code in bioql PyPI...
EUVD-2022-55398
Malicious code in bioql PyPI...
DEBIAN-CVE-2023-53287
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pmruntimesetactive will resume suppliers, put set active...
CVE-2023-53287
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pmruntimesetactive will resume suppliers, put set active...
CVE-2023-53287
CVE-2023-53287 : Linux kernel USB cdns3 driver fix—move the set_active() call outside the spin lock to avoid sleeping in atomic context during resume, preventing a WARN during resume (pm_runtime_resume path). The change protects the cdns data structure and removes the ‘sleeping function called fr...
CVE-2023-53287
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pmruntimesetactive will resume suppliers, put set active...
CVE-2023-53287 usb: cdns3: Put the cdns set active part outside the spin lock
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pmruntimesetactive will resume suppliers, put set active...
CVE-2022-50132
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'privep' assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If 'ep' is NULL, result of eptocdns3epep is invalid pointer and its dereference with privep-cdns3dev may cause panic. Found by Linux...