Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: USB: core: Fixed a duplicate endpoint bug by clearing reserved bits in the descriptor. Syzbot has identified a bug in usbcore see the Closes: tag below. The bug is caused by our assumption that the reserved bits in the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: gadgetfs: epio - wait until IRQ finishes after usbepqueue if waitforcompletioninterruptible is interrupted we need to wait until IRQ gets finished. Otherwise complete from epiocomplete can corrupt stack...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: enable basic endpoint checking Syzkaller reports 1 encountering a common issue of utilizing a wrong usb endpoint type during URB submitting stage. This, in turn, triggers a warning shown below. For now, enable...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007304 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking...

CVE-2025-50652

An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparmusb.asp endpoint...

CVE-2025-50652

An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparmusb.asp endpoint...

CVE-2025-50652

An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparmusb.asp endpoint...

ROS-20260408-73-0018

A vulnerability in the usbparsessendpointcompanion function of the drivers/usb/core/config.c component of the Linux kernel is related to buffer copying without input data validation. Exploitation of the vulnerability allows an intruder to affect confidentiality and availability of protected...

Oracle Linux 7 : kernel (ELSA-2026-3685)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3685 advisory. - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug...

CLSA-2026-1773047921 kernel: Fix of 70 CVEs

wifi: iwlwifi: mvm: guard against invalid STA ID on removal CVE-2024-36921 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - net/sched: actmirred: don't override retval if we already lost the skb CVE-2024-26739 - drivers: base: Free devm resources when unregistering a device...

CLSA-2026-1771241609 kernel: Fix of 13 CVEs

vsock: Do not allow binding to VMADDRPORTANY CVE-2025-38618 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - pptp: ensure minimal skb length in pptpxmit CVE-2025-38574 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...

CLSA-2026-1771237797 kernel: Fix of 13 CVEs

fbdev: Fix vmalloc out-of-bounds write in fastimageblit CVE-2025-38685 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - fbdev: fix potential buffer overflow in doregisterframebuffer CVE-2025-38702 - scsi: ses: Fix slab-out-of-bounds in...

EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2026-1144)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003708)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003708 advisory. drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. Tenable h...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1071)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003031)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003031 advisory. The digiportinit function in drivers/usb/serial/digiacceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service...

Astra Linux - уязвимость в qemu

A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition...

CVE-2023-54213

In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------ cut here ------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID: 26 at...

EUVD-2023-60428

In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------ cut here ------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID: 26 at...

UBUNTU-CVE-2023-54277

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...