CVE-2026-23679

A flaw was found in libusb. An attacker can provide a specially crafted Universal Serial Bus USB configuration descriptor to applications using libusb. This malformed descriptor can lead to a null pointer dereference, causing the application to crash and resulting in a denial of service. This...

Linux Distros Unpatched Vulnerability : CVE-2026-23679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB...

Linux Distros Unpatched Vulnerability : CVE-2026-47104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the parseiadarray function. An attacker can cause a denial of service by supplying a malformed USB descriptor with a crafted bLength value, leading to a one-byte out-of-bounds read when processing USB interface...

CVE-2026-23679

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

libusb 缓冲区错误漏洞

libusb is an open-source, cross-platform USB device access library. Versions of libusb prior to 1.0.30 contained a buffer error vulnerability. This vulnerability stems from a null pointer dereferencing flaw. Attackers can exploit this by providing malformed USB configuration descriptors, causing...

CVE-2026-43436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

CVE-2026-43136

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidppgetreportlength Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be...

Linux Distros Unpatched Vulnerability : CVE-2026-43156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: pegasus: enable basic endpoint checking pegasusprobe fills URBs with hardcoded endpoint pipes without verifying the endpoint descriptors: -...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002558)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002558 advisory. The acmprobe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer...

EUVD-2020-4011

Malware in sbrugna...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986424)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986424 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usbassigndescriptors is called with 5 parameters...

Linux Kernel USB Core Out-Of-Bounds Read Local Privilege Escalation Vulnerability

This vulnerability allows physically present attackers to escalate privileges on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of USB descriptors. The issue results from the lack of proper...

DEBIAN-CVE-2021-47267

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usbassigndescriptors is called with 5 parameters, the last 4 of which are the usbdescriptorheader for: full-speed USB1.1 - 12Mbps including USB1.0 low-speed @ 1.5Mbps, high-speed...

SUSE CVE-2016-2384

Double free vulnerability in the sndusbmidicreate function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service panic or possibly have unspecified other impact via vectors involving an invalid USB descriptor...

RHEL 8 : kernel-rt (RHSA-2022:1975)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1975 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...