CLSA-2026-1778674879 opensc: Fix of CVE-2024-45619

CVE-2024-45619: fix incorrect access of initialized parts of partially filled buffers triggered by crafted APDU responses from USB devices or smart cards...

CVE-2026-43290

A flaw was found in the Linux kernel's uvcvideo module. This vulnerability occurs when the startstreaming function fails to return queued buffers due to an error in uvcpmget. A local attacker could potentially trigger this condition, leading to system instability or a denial of service DoS by...

SUSE-SU-2026:21283-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...

RLSA-2026:3092 Important: golang-github-openprinting-ipp-usb security update

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption ...

ALSA-2026:3092 Important: golang-github-openprinting-ipp-usb security update

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002921)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002921 advisory. The mctu232msrtostate function in drivers/usb/serial/mctu232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NU...

CVE-2026-22212

TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy and strcat functions when constructing device paths during automatic device discovery. A local attacker can exploit this by...

CVE-2026-22212 TinyOS <= 2.1.2 Stack-Based Buffer Overflow in mcp2200gpio

TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy and strcat functions when constructing device paths during automatic device discovery. A local attacker can exploit this by...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990597 advisory. In the Linux kernel, the following vulnerability has been resolved: net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb...

[SECURITY] Fedora 43 Update: wireshark-4.6.0-1.fc43

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

EUVD-2022-54921

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: host: Stop setting the ACPI companion It is no longer needed. The sysdev pointer is now used when assigning the ACPI companions to the xHCI ports and USB devices. Assigning the ACPI companion here resulted in the...

EUVD-2005-4782

Malware in sbrugna...

EUVD-2005-4781

Malware in sbrugna...

EUVD-2016-8319

Malware in sbrugna...

EUVD-2019-7216

Malware in sbrugna...

[SECURITY] Fedora 41 Update: toolbox-0.2-1.fc41

Toolbx is a tool for Linux, which allows the use of interactive command line environments for software development and troubleshooting the host operating system, without having to install software on the host. It is built on top of Podman and other standard container technologies from OCI. Toolbx...

[SECURITY] Fedora 42 Update: toolbox-0.2-1.fc42

Toolbx is a tool for Linux, which allows the use of interactive command line environments for software development and troubleshooting the host operating system, without having to install software on the host. It is built on top of Podman and other standard container technologies from OCI. Toolbx...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7627-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7627-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

CVE-2025-38010

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses biaspadenable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system suspension with connecte...

CVE-2025-38010 phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses biaspadenable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system suspension with connecte...