Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the Linux kernel’s driver for ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet devices. The vulnerability involves multiple out-of-bounds reads and possible out-of-bounds writes...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: usb: r8152: fix resume reset deadlock The rtl8152 function can trigger a device reset during a reset process, which potentially leads to a deadlock. DPM device timeout after 10 seconds; 15 seconds until panic Call Trace:...

SUSE CVE-2026-23188

In the Linux kernel, the following vulnerability has been resolved: net: usb: r8152: fix resume reset deadlock rtl8152 can trigger device reset during reset which potentially can result in a deadlock: DPM device timeout after 10 seconds; 15 seconds until panic Call Trace: schedule+0x483/0x1370...

CVE-2026-23021 net: usb: pegasus: fix memory leak in update_eth_regs_async()

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...

MiracleLinux 7 : kernel-3.10.0-1160.83.1.el7 (AXSA:2023-4929:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4929:03 advisory. kernel: memory corruption in AX88179178A based USB ethernet device. CVE-2022-2964 hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002006)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002006 advisory. The hoststart function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local...

UBUNTU-CVE-2025-71094

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...

CVE-2020-7464

In FreeBSD 12.2-STABLE before r365730, 11.4-STABLE before r365738, 12.1-RELEASE before p10, 11.4-RELEASE before p4, and 11.3-RELEASE before p14, a programming error in the ure4 device driver caused some Realtek USB Ethernet interfaces to incorrectly report packets with more than 2048 bytes in a...

CVE-2023-53785

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: don't assume adequate headroom for SDIO headers mt7921usbsdiotxprepareskb calls mt7921usbsdiowritetxwi and mt7921skbaddusbsdiohdr, both of which blindly assume that adequate headroom will be available in the passed...

UBUNTU-CVE-2025-40189

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

CVE-2025-40189

The CVE-2025-40189 issue affects the Linux kernel’s LAN78xx USB Ethernet driver (drivers/net/usb/lan78xx.c). A read_raw_eeprom timeout (-ETIMEDOUT) could be obscured in the fallthrough path after attempting to restore LED pin configurations, causing the data buffer to be treated as valid despite ...

kernel: net: usb: smsc75xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...

EUVD-2013-2040

Malware in sbrugna...

EUVD-2020-28590

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414420 advisory. A flaw was found in the Linux kernels driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds...

EUVD-2022-35185

Malicious code in bioql PyPI...

EUVD-2022-54728

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-2964

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...

CVE-2022-50220

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnetdeferredkevent to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in -ndostop. But in 2003, that was moved ...

CVE-2022-50220

CVE-2022-50220 is a Linux kernel vulnerability in the usbnet subsystem where a use-after-free can occur on disconnect due to linkwatch handling after unregister_netdev. The issue stems from usbnet_deferred_kevent() being awaited in a path that may access freed netdev state, potentially enabling m...