Lucene search
+L

20 matches found

OSV
OSV
added 5 days ago3 views

CVE-2026-10668 Host-triggerable control-endpoint wedge (DoS) in Nuvoton NuMaker HSUSBD UDC driver

The Nuvoton NuMaker HSUSBD USB device-controller driver drivers/usb/udc/udcnumaker.c armed the control Data IN stage unconditionally base-CEPTXCNT = len in numakerhsusbdeptrigger. Because the HSUSBD hardware cannot disarm a control Data IN already armed for a previous transfer, a USB host that...

2.4CVSS6.1AI score0.00143EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/07/05 10:23 p.m.5 views

CVE-2026-10656 NULL-pointer dereference DoS in MAX32 USB device controller transfer-completion handlers

The MAX32xxx USB device controller driver drivers/usb/udc/udcmax32.c, compatible adimax32usbhs dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. udceventxferoutdone called netbufaddbuf, eprequest-actlen immediately after buf =...

4.6CVSS6.1AI score0.00191EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/07/05 10:23 p.m.10 views

CVE-2026-10656

The MAX32xxx USB device controller driver drivers/usb/udc/udcmax32.c, compatible adimax32usbhs dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. udceventxferoutdone called netbufaddbuf, eprequest-actlen immediately after buf =...

4.6CVSS6.1AI score0.00191EPSS
Exploits1References3Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: ChipIdea UDC: Fix for DMA and SG cleanup in epnuke The ChipIdea UDC driver may encounter errors where “not-page-aligned sg buffers” occur when a USB device is reconnected after being disconnected during an active transfer...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.10 views

CVE-2026-43250

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007463)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007463 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from...

5.5CVSS6.2AI score0.0023EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/12/18 9:1 a.m.6 views

usb: gadget: udc: fix use-after-free in usb_gadget_state_work

...

5.5CVSS6.7AI score0.00179EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986977)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986977 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc-dev.driver The syzbot fuzzer found a...

5.5CVSS5.8AI score0.00233EPSS
Exploits0References4
OSV
OSV
added 2025/09/18 2:15 p.m.13 views

UBUNTU-CVE-2023-53418

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...

5.5CVSS5.7AI score0.00136EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2025/07/25 12:53 p.m.4 views

CVE-2025-38376

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a...

5.5CVSS6AI score0.00146EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2025/07/25 12:53 p.m.6 views

CVE-2025-38376

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a b...

5.5CVSS5.4AI score0.00146EPSS
Exploits0
OSV
OSV
added 2025/07/25 12:53 p.m.4 views

CVE-2025-38376 usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a b...

5.5CVSS6.4AI score0.00146EPSS
Exploits0References7
OSV
OSV
added 2025/06/18 11:15 a.m.10 views

UBUNTU-CVE-2022-49980

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usbudcuevent The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug:...

7.8CVSS6AI score0.00208EPSS
Exploits0References4
OSV
OSV
added 2025/01/19 12:15 p.m.2 views

DEBIAN-CVE-2024-57913

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This commit addresses an issue related to below kernel panic where paniconwarn is enabled. It is caused by the unnecessary use of WARNON in functionsfsbind, which easily leads to...

4.7CVSS5.5AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2025/01/19 12:15 p.m.10 views

UBUNTU-CVE-2024-57913

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This commit addresses an issue related to below kernel panic where paniconwarn is enabled. It is caused by the unnecessary use of WARNON in functionsfsbind, which easily leads to...

4.7CVSS6.1AI score0.00164EPSS
Exploits0References45
Debian CVE
Debian CVE
added 2024/12/28 9:46 a.m.17 views

CVE-2024-56698

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The dwc3request-numqueuedsgs is decremented on completion. If a partially completed request is handled, then the dwc3request-numqueuedsgs no longer reflects the total number of...

5.5CVSS5.6AI score0.00208EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.14 views

The vulnerability of the udc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the udc component in the Linux operating system’s kernel is related to improper locking of resources in the usbepqueue function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.0023EPSS
Exploits0References46Affected Software6
Microsoft CVE
Microsoft CVE
added 2024/10/16 7:0 a.m.8 views

usb: gadget: aspeed_udc: validate endpoint index for ast udc

...

7.8CVSS7.1AI score0.00244EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/05/21 2:0 a.m.14 views

SUSE CVE-2024-35822

In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from mass storage function, WARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usbepqueue+0x7c/0x104 pc :...

3.3CVSS6.5AI score0.0023EPSS
Exploits0References19
OSV
OSV
added 2024/02/28 9:15 a.m.1 views

DEBIAN-CVE-2021-46986

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Free gadget structure only after freeing endpoints As part of commit e81a7018d93a "usb: dwc3: allocate gadget structure dynamically" the dwc3gadgetrelease was added which will free the dwc-gadget structure upon...

5.5CVSS5AI score0.00229EPSS
Exploits0References1
Rows per page
Query Builder