CVE-2026-43432

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhcidisableslot xhcialloccommand allocates a command structure and, when the second argument is true, also allocates a completion structure. Currently, the error handling path in xhcidisableslot only...

UBUNTU-CVE-2026-43431

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is caused when there are more port registers counted ...

CVE-2026-43431 xhci: Fix NULL pointer dereference when reading portli debugfs files

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is caused when there are more port registers counted ...

CVE-2026-43431

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is caused when there are more port registers counted ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fixed a memory leak in xhciallocdbc If DbC is already in use, the memory allocated for the xhcidbc struct does not get freed before returning NULL, resulting in a memory leak...

xhci (>=0.2.6 <=0.9.2) potentially affected by unknown CVE via accessor (>=0.2.0 <=0.3.3)

accessor CARGO version =0.2.0, =0.2.6, =0.9.2 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0127...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006954)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006954 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005607 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally...

CVE-2026-23009

CVE-2026-23009 is a Linux kernel vulnerability in the xHCI sideband code where xhci_sideband_remove_endpoint() could dereference a non-existent transfer ring (ep-&gt;ring) during suspend/resume or re-enumeration, risking a crash. The fix adds a guard to only dereference ep-&gt;ring if it exists a...

CVE-2026-23009

In the Linux kernel, the following vulnerability has been resolved: xhci: sideband: don't dereference freed ring when removing sideband endpoint xhcisidebandremoveendpoint incorrecly assumes that the endpoint is running and has a valid transfer ring. Lianqin reported a crash during suspend/wake-u...

CVE-2022-50809

In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhciallocdbc If DbC is already in use, then the allocated memory for the xhcidbc struct doesn't get freed before returning NULL, which leads to a memleak...

CVE-2022-50809

In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhciallocdbc If DbC is already in use, then the allocated memory for the xhcidbc struct doesn't get freed before returning NULL, which leads to a memleak...

CVE-2022-50544

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

CVE-2022-50470

In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If xHC host is dying or being removed then t...

UBUNTU-CVE-2022-50470

In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If xHC host is dying or being removed then t...

PT-2025-40657

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the handling of device endpoints within the xhci driver. Specifically, the issue arises when freeing a virtual device, potentially leading to...

EUVD-2025-14108

Malicious code in bioql PyPI...

EUVD-2025-5266

Malicious code in bioql PyPI...

UBUNTU-CVE-2022-49962

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference in remove if xHC has only one roothub The remove path in xhci platform driver tries to remove and put both main and shared hcds even if only a main hcd exists one roothub This causes a null...

SUSE CVE-2025-22022

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 one with start/stop bug, one without were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...