CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

CVE-2026-46167

CVE-2026-46167 – Linux kernel usb/usblp heap leak : The vulnerability stems from an uninitialized status buffer (statusbuf) allocated at probe time for LPGETSTATUS. If a malicious printer returns zero bytes, a stale 8-byte heap region could be copied to userspace via LPGETSTATUS, causing a heap l...

CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

PT-2026-44290

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A heap leak exists in the usblp driver. The usblp read status function requests 1 byte of data, but if a malicious printer responds with zero bytes, the usblp ctrl msg function discards the...

Microsoft Windows USB Print Driver 安全漏洞

Microsoft Windows USB Print Driver is a USB printer device driver provided by Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows USB Print Driver, which can be exploited by an attacker to elevate privileges...