19 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: Initialize the MAC header offset in qmimuxrxfixup Raw IP packets do not have a MAC header, resulting in skb-macheader being uninitialized. This can trigger kernel panics on ARM64 when xfrm or other subsystems...
SUSE CVE-2026-43479
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...
EUVD-2026-30015
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix for NPE during rxcomplete There is a missing validation of usbnetgoingaway in the critical path. The usbsubmiturb function lacks this validation, while usbnetqueueskb includes this check. This inconsistency creates a...
PT-2026-30142
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc ncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdc ncm rx verify ndp32. The DPE array size is validated against the total skb length...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-1582)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the...
CVE-2026-23188
In the Linux kernel, the following vulnerability has been resolved: net: usb: r8152: fix resume reset deadlock rtl8152 can trigger device reset during reset which potentially can result in a deadlock: DPM device timeout after 10 seconds; 15 seconds until panic Call Trace: schedule+0x483/0x1370...
EUVD-2025-203757
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
SUSE CVE-2025-40140
In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netifwakequeue in rtl8150setmulticast syzbot reported WARNING in rtl8150startxmit/usbsubmiturb. This is the sequence of events that leads to the warning: rtl8150startxmit netifstopqueue;...
UBUNTU-CVE-2025-40140
In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netifwakequeue in rtl8150setmulticast syzbot reported WARNING in rtl8150startxmit/usbsubmiturb. This is the sequence of events that leads to the warning: rtl8150startxmit netifstopqueue;...
CVE-2025-40140
In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netifwakequeue in rtl8150setmulticast syzbot reported WARNING in rtl8150startxmit/usbsubmiturb. This is the sequence of events that leads to the warning: rtl8150startxmit netifstopqueue;...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989129)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989129 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several...
PT-2025-46615
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to USB networking. Specifically, the rtl8150 set multicast function incorrectly calls netif stop queue and netif wake queue, leading to potentia...
UBUNTU-CVE-2025-21742
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...
CVE-2025-21742 usbnet: ipheth: use static NDP16 location in URB
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...
UBUNTU-CVE-2021-47171
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xxbind Syzbot reported memory leak in smsc75xxbind. The problem was is non-freed memory in case of errors after memory allocation. backtrace: kmalloc include/linux/slab.h:556 inline kzalloc...
GSD-2021-1002056 usbnet: sanity check for maxpacket
usbnet: sanity check for maxpacket This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.77 by commit 693ecbe8f799405f8775719deedb1f76265d375a...
CVE-2016-1734
AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted USB device...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2022)
Description of changes: Avoid bug caused by corrupted Ext4 filesystem. When mounting an ext4 filesystem, the kernel was not checking for zero length extents. This would cause a BUGON assertion failure in the log. NULL pointer dereference in the SCSI subsystem. A NULL dereference may occur if a SC...