10 matches found
CVE-2022-50767 fbdev: smscufx: Fix several use-after-free bugs
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physically removing a USB device. Adds ufxopsdestroy function to .fbdestroy of fbops, and in this function, there is krefput that finally calls...
CVE-2022-50767
Technical details for CVE-2022-50767 are not publicly available in the provided documents. Monitor for updates from vendors and advisories to learn affected products, impact, and fixes.
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from multiple post-release reuse vulnerabilities when physically removing a USB device...
AZL-72871 CVE-2025-68331 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cause is an access to ...
kernel: Report vmalloc UAF in dvb-core/dmxdev
A use-after-free flaw was found in the Linux kernel’s dvb-core subsystem DVB API used by Digital TV devices in how a user physically removed a USB device such as a DVB demultiplexer device while running malicious code. This flaw allows a local user to crash or potentially escalate their privilege...
An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.
...
CVE-2022-41849
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open, aka a race condition between ufxopsopen and ufxusbdisconnect...
CVE-2021-38204
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service use-after-free and panic by removing a MAX-3421 USB device in certain situations...
UBUNTU-CVE-2021-38204
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service use-after-free and panic by removing a MAX-3421 USB device in certain situations...
PT-2021-1516 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.6 Description: The issue is related to a use-after-free vulnerability in the Linux kernel, specifically in the drivers/usb/host/max3421-hcd.c component. This vulnerability can be exploited by physically...