625 matches found
CVE-2026-45911
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: xhci: Fixed null pointer dereferencing when the host dies. Ensure that xhcifreedev and xhcikillendpointurbs do not race with each other, and do not cause null pointer dereferencing when the host suddenly dies. The USB core may...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Error handling was added in xhcimapurbfordma. Currently, xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. However, if kzallocnode fails, the subsequent call to sgpcopytobuffe...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: usb: host: xhci: Fixed a potential memory leak in xhciallocstreaminfo The xhciallocstreaminfo function allocates a stream context array for streaminfo-streamctxarray using xhciallocstreamctx. When an error occurs, the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: usb: xhciplatremove: avoid NULL dereference Since commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a “usb: host: xhci-plat: omit shared hcd if either root hub has no ports”, xhci-sharedhcd can be NULL, which causes the following...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from the bandwidth list when freeing the device. Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If the xHCI host is dying or being...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fixed a memory leak in xhciallocdbc If DbC is already in use, the memory allocated for the xhcidbc struct does not get freed before returning NULL, resulting in a memory leak...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Buffers are returned if streaming fails to start due to a uvcpmget error. This bug may be responsible for the warning that I encountered during testing. The issue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don’t skip on “Stopped – Length Invalid” events. Until commit d56b0b2ab142 “usb: xhci: ensure skipped isochronous TDs are returned when the isochronous ring is stopped”, the driver did not skip missed isochronous TDs...
Astra Linux - уязвимость в qemu
QEMU 5.0.0 has a use-after-free issue in the hw/usb/hcd-xhci.c file, as the return value of usbpacketmap is not checked...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following issues: - Splat: 167.057718 BUG: Sleeping function called from invalid context at include/linux/sched/mm.h:229...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: Fixed an issue where shared HCD resources were leaked when attempting to set the wake-up IRQ. The issue occurred because it was not possible to set @sharedhcd to NULL before reducing the usage count using usbputhcd...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xhci: A null pointer dereference was fixed in the remove function, especially when xHC has only one root hub. The remove function in the xhci platform driver attempts to remove both the main hcd and the shared hcd, even if only t...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021622)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021622 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates...
CVE-2026-43488
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...
CVE-2026-43488 usb: xhci: Prevent interrupt storm on host controller error (HCE)
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...
SUSE CVE-2026-43290
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...
SUSE CVE-2026-43432
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhcidisableslot xhcialloccommand allocates a command structure and, when the second argument is true, also allocates a completion structure. Currently, the error handling path in xhcidisableslot only...
CVE-2026-43431
A flaw was found in the Linux kernel's xhci host controller driver. This vulnerability occurs when the number of port registers counted in xhci-maxports is greater than the ports reported by Supported Protocol capabilities. This can lead to a NULL pointer dereference, causing a kernel crash and...
EUVD-2026-28560
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...