14 matches found
UBUNTU-CVE-2021-47582
In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait with a user-specified timeout value. If timeout value is very large...
CVE-2021-47582
CVE-2021-47582 affects the Linux kernel USB core (USBDEVFS_CONTROL/USBDEVFS_BULK) where usb_start_wait_urb() can wait uninterruptibly for a very large timeout. The fix changes do_proc_control() and do_proc_bulk() to use a killable wait and GFP_KERNEL instead of GFP_NOIO. Connected advisories (Mir...
SUSE CVE-2021-47170
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...
CVE-2021-47170
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...
CVE-2021-47170 USB: usbfs: Don't WARN about excessively large memory allocations
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...
CVE-2021-47170 USB: usbfs: Don't WARN about excessively large memory allocations
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...
CVE-2021-47170
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...
PT-2024-11217 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when a user attempts to submit a bulk transfer through usbfs with a buffer that is excessively large, generating a WARNing. This is not a bug in the kernel but rather ...
GSD-2021-1000662 USB: usbfs: Don't WARN about excessively large memory allocations
USB: usbfs: Don't WARN about excessively large memory allocations This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.193 by commit...
GSD-2021-1000641 USB: usbfs: Don't WARN about excessively large memory allocations
USB: usbfs: Don't WARN about excessively large memory allocations This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.124 by commit...
UVI-2021-1000641 USB: usbfs: Don't WARN about excessively large memory allocations
USB: usbfs: Don't WARN about excessively large memory allocations This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.124 by commit...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3515)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3515 advisory. - crypto: algifhash - Only export and import on sockets with data Herbert Xu Orabug: 25417805 CVE-2016-8646 - USB: usbfs: fix potential infoleak in...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3514)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3514 advisory. - vfio/pci: Fix integer overflows, bitmask check Vlad Tsyrklevich Orabug: 25164094 CVE-2016-9083 CVE-2016-9084 - Don't feed anything but regular...
openSUSE Security Update : the Linux Kernel (openSUSE-2016-753)
The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils wa...