349 matches found
SUSE-SU-2026:2997-1 Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.112 fixes various security issues The following security issues were fixed: - CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmcrelease bsc1264094. - CVE-2026-43037: ip6tunnel: clear skb2-cb in ip4ip6err bsc1265197. -...
CVE-2026-10663 Use-after-free / double-free of the root USB device in the experimental USB host stack
In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...
SUSE-SU-2026:2857-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: - CVE-2025-71089: iommu: disable SVA when CONFIGX86 is set bsc1256615. - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. -...
SUSE-SU-2026:2631-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed wo...
CVE-2026-52982
In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix use-after-free in rtl8150startxmit syzbot reported a KASAN slab-use-after-free read in rtl8150startxmit when accessing skb-len for tx statistics after usbsubmiturb has been called: BUG: KASAN:...
EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2171)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fixed a NULL pointer dereferencing in ucsiconnectorchange. When ucsiinit fails, ucsi-connector is NULL. However, in the case of ucsiacpi, we may still receive events that cause the ucsacpi code to call...
SUSE CVE-2026-31757
In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprobe, the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to errfreeurb label to properly release the UR...
CVE-2026-43223
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2sendrequestex When pvr2sendrequestex submits a write URB successfully but fails to submit the read URB e.g. returns -ENOMEM, it returns immediately without waiting for the write URB to complete...
CVE-2026-31757
A flaw was found in the Linux kernel. Specifically, within the USB subsystem usbio, a memory leak occurs when a Universal Serial Bus USB Request Block URB submission fails during the device probing process. This failure to free the allocated URB memory can lead to a gradual depletion of system...
CVE-2026-31754
A flaw was found in the Linux kernel's USB subsystem, specifically within the cdns3 gadget driver. A local user could exploit this vulnerability by attempting to switch the USB role to host mode after a gadget initialization failure. This state inconsistency can lead to a system crash, resulting ...
CVE-2026-31755
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: fix NULL pointer dereference in epqueue When the gadget endpoint is disabled or not yet configured, the ep-desc pointer can be NULL. This leads to a NULL pointer dereference when cdns3gadgetepqueue is called,...
SUSE CVE-2026-23347
In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usbkillanchoredurbs is...
UBUNTU-CVE-2026-23188
In the Linux kernel, the following vulnerability has been resolved: net: usb: r8152: fix resume reset deadlock rtl8152 can trigger device reset during reset which potentially can result in a deadlock: DPM device timeout after 10 seconds; 15 seconds until panic Call Trace: schedule+0x483/0x1370...
Linux Kernel Security Vulnerabilities
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the usbsubmiturb function without properly releasing resources, potentially leadin...
CLSA-2026-1768825166 kernel: Fix of 7 CVEs
fs/proc: fix uaf in procreaddirde CVE-2025-40271 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-2978 - Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 - ALSA: usb-audio: Fix size...
PT-2026-6131
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the kvaser usb module. Specifically, the issue occurs within the kvaser usb read bulk callback function when handling USB-in transfers. The URB...
SUSE CVE-2025-68331
In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cause is an access to ...
CVE-2025-68290
In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST...
CVE-2023-53840 usb: early: xhci-dbc: Fix a potential out-of-bound memory access
In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbcbulkwrite fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbctrace is called. Reserve an extra byte,...