74 matches found
CVE-2026-31726
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...
CVE-2026-31726
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...
CVE-2026-31726 usb: gadget: uvc: fix NULL pointer dereference during unbind race
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...
eMPIA AVACAST 代码问题漏洞
eMPIA AVACAST is a USB video capture and encoding device developed by eMPIA in Taiwan, China. eMPIA AVACAST has a code vulnerability that stems from an unreferenced service path. This vulnerability could allow privileged local attackers to place malicious executable files in specific directories...
CLSA-2026-1775224807 Fix of 95 CVEs
CVE-2025-39683 - tracing: Remove unneeded goto out logic CVE-2025-39683 - tracing: Limit access to parser-buffer when tracegetuser failed CVE-2025-39683 CVE-2025-38079 - crypto: algifhash - fix double free in hashaccept CVE-2025-38079 CVE-2025-38159 - wifi: rtw88: fix the 'para' buffer size to...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the uvcscanstreaming function in the UVC Descriptor Handler component. An attacker can cause a denial of service by triggering a null pointer dereference through local access. Remediation There is no fixed...
libuvc 代码问题漏洞
Libuvc is an open-source cross-platform library for USB video devices. Versions of Libuvc prior to 0.0.7 have code vulnerabilities. These vulnerabilities stem from a flaw in the uvcscanstreaming function in the src/device.c file within the UVC Descriptor Handler component, which may lead to null...
The vulnerabilities in the modules drivers/media/usb/uvc/uvc_driver.c and drivers/media/usb/uvc/uvcvideo.h of the Linux operating system’s UVC driver module allow a hacker to cause a service failure.
The vulnerability in the drivers/media/usb/uvc/uvcdriver.c and drivers/media/usb/uvc/uvcvideo.h files of the UVC driver for the Linux operating system is related to incorrect assignment of identifiers. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2025-55676
Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally...
CVE-2025-55676 Windows USB Video Class System Driver Information Disclosure Vulnerability
...
EUVD-2025-6351
Malicious code in bioql PyPI...
EUVD-2025-6352
Malicious code in bioql PyPI...
EUVD-2025-6335
Malicious code in bioql PyPI...
PT-2025-42784
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained an issue in the uvcvideo driver related to handling of Universal Video Class UVC entities. Specifically, the driver did not properly mark invalid entities with...
CLSA-2025-1754552669 kernel: Fix of 12 CVEs
net: ch9200: fix uninitialised access during miinwayrestart CVE-2025-38086 - idpf: fix null-ptr-deref in idpffeaturescheck CVE-2025-38053 - ftrace: Fix NULL pointer dereference in isftracetrampoline when ftrace is dead CVE-2022-49977 - sched/fair: Fix potential memory corruption in...
kernel: media: uvcvideo: Fix double free in error path
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvcstatusinit function fails to allocate the inturb, it will free the dev-status pointer but doesn't reset the pointer to NULL. This results in the kfree call in...
kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
A vulnerability was found in the Linux kernel's USB Video Class driver. A buffer for video frame data is allocated, which does not account for all of the frame formats contained in a video stream, leading to an out-of-bounds write when a stream includes frames with an undefined format. An attacke...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets befor...
CVE-2025-24987
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack...
CVE-2025-24055
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack...