Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: USB: Hub – Ignoring non-compliant devices with too many configurations or interfaces Robert Morris created a test program that can cause usbhubtostructhub to dereference a NULL or inappropriate pointer. Oops: General Protection...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Hub – Protection against access to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields within udev-bos without checking whether they have been allocated and...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002137)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002137 advisory. The hubactivate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physicall...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21776)

USB: hub: Ignore non-compliant devices with too many configs or interfaces. A test program can cause usbhubtostructhub to dereference a NULL or inappropriate pointer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEV...

kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors

In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev-bos without checking if it was allocated and initialized. If...

DEBIAN-CVE-2025-38134

In the Linux kernel, the following vulnerability has been resolved: usb: acpi: Prevent null pointer dereference in usbacpiaddusb4devlink As demonstrated by the fix for updateportdevicestate, commit 12783c0b9e2c "usb: core: Prevent null pointer dereference in updateportdevicestate",...

USB: hub: Ignore non-compliant devices with too many configs or interfaces

...

DEBIAN-CVE-2025-21776

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

AZL-57813 CVE-2025-21776 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

AZL-57890 CVE-2025-21776 affecting package kernel for versions less than 6.6.79.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

UBUNTU-CVE-2025-21776

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

CVE-2025-21776

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

CVE-2025-21776 USB: hub: Ignore non-compliant devices with too many configs or interfaces

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2024-2476)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : IB/ipoib: Fix mcast list lockingCVE-2023-52587 netfilter: nftables: avoid overflows in nfthashbucketsCVE-2021-46992 SUNRPC: Fix a suspicious RCU...

AlmaLinux 8 : kernel update (Medium) (ALSA-2024:3618)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3618 advisory. kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation CVE-2023-6240 kernel: Information disclosure in vhost/vhost.c:vhostnewms...

RHEL 8 : kernel update (Moderate) (RHSA-2024:3618)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3618 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Marvin vulnerability...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1788)

"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a...

OESA-2024-1621 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset...

OESA-2024-1620 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset...

CVE-2024-26875

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix uaf in pvr2contextsetnotify Syzbot reported BUG: KASAN: slab-use-after-free in pvr2contextsetnotify+0x2c4/0x310 drivers/media/usb/pvrusb2/pvrusb2-context.c:35 Read of size 4 at addr ffff888113aeb0d8 by task...