CVE-2026-46091

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free that occurs in ath9khifusbdisconnect when ath9kDestroywmi attempts to access drvpriv, which has already been freed by ieee80211freehw,...

PT-2026-36393

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free error exists in the usbtmc release function. This occurs because pending anchored URBs USB Request Blocks are not properly flushed or killed, which can lead to memory...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007394)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007394 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Kill URBs before clearing tx status queue In rtl8187stop move the call of...

UBUNTU-CVE-2026-23108

In the Linux kernel, the following vulnerability has been resolved: can: usb8dev: usb8devreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In usb8devopen - usb8devstart, the URBs for USB-in transfer...

CVE-2026-23075 can: esd_usb: esd_usb_read_bulk_callback(): fix URB memory leak

In the Linux kernel, the following vulnerability has been resolved: can: esdusb: esdusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In esdusbopen, the URBs for USB-in transfers are allocated,...

Linux Distros Unpatched Vulnerability : CVE-2026-23037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: etases58x: allow partial RX URB allocation to succeed When es58xallocrxurbs fails to allocate the requested number of URBs but succeeds in allocating some,...

CVE-2026-23031

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix URB memory leak In gscanopen, the URBs for USB-in transfers are allocated, added to the parent-rxsubmitted anchor and submitted. In the complete callback gsusbreceivebulkcallback, the URB...

CVE-2026-23031

CVE-2026-23031 affects the Linux kernel's gs_usb path. The issue is a memory leak where USB Request Blocks (URBs) completed by gs_usb_receive_bulk_callback() were not reliably released because the USB framework unanchors the URB before completion, bypassing gs_can_close()’s cleanup. The fix ancho...

CVE-2025-68287

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fix race condition between concurrent dwc3removerequests call paths This patch addresses a race condition caused by unsynchronized execution of multiple call paths invoking dwc3removerequests, leading to premature...

UBUNTU-CVE-2025-68307

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

CVE-2025-68307 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

CVE-2022-50565 wifi: plfxlc: fix potential memory leak in __lf_x_usb_enable_rx()

In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: fix potential memory leak in lfxusbenablerx urbs does not be freed in exception paths in lfxusbenablerx. That will trigger memory leak. To fix it, add kfree for urbs within "error" label. Compile tested only...

EUVD-2025-26092

Malicious code in bioql PyPI...

SUSE CVE-2025-38604

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Kill URBs before clearing tx status queue In rtl8187stop move the call of usbkillanchoredurbs before clearing btxstatus.queue. This change prevents callbacks from using already freed skb due to anchor was not kille...

CVE-2025-38604 wifi: rtl818x: Kill URBs before clearing tx status queue

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Kill URBs before clearing tx status queue In rtl8187stop move the call of usbkillanchoredurbs before clearing btxstatus.queue. This change prevents callbacks from using already freed skb due to anchor was not kille...

UBUNTU-CVE-2025-37882

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event,...

DEBIAN-CVE-2024-46861

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short Payload formatted incorrecly e.g. bad NCM framing Lack of memory None of these should cause the driver to seize u...

CVE-2020-25723

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...

openSUSE Security Update : Chromium (openSUSE-2016-1080)

Chromium was updated to 53.0.2785.101 to fix a number of security issues and bugs. The following vulnerabilities were fixed: boo996648 - CVE-2016-5147: Universal XSS in Blink. - CVE-2016-5148: Universal XSS in Blink. - CVE-2016-5149: Script injection in extensions. - CVE-2016-5150: Use after free...