17 matches found
CVE-2026-43430
The issue CVE-2026-43430 affects the Linux kernel USB driver for yurex. A race condition occurs in the probe path where the bbu field is not initialized before the URB completion handler uses it, creating a window during which descriptor data can be overwritten by concurrent probing. This can lea...
CVE-2026-43430 usb: yurex: fix race in probe
In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the USB Yurex driver’s detection process. During this process, the BBU members are not set to an...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004230)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004230 advisory. In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003721)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003721 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000472)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000472 advisory. An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c drive...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000381 advisory. In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka...
Linux Distros Unpatched Vulnerability : CVE-2019-19531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka...
SUSE CVE-2019-15216
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver...
SUSE CVE-2019-19531
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca...
DEBIAN-CVE-2019-19531
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca...
UBUNTU-CVE-2019-19531
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca...
DEBIAN-CVE-2019-15216
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver...
UBUNTU-CVE-2019-15216
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver...
PT-2019-3109 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.0.14 Description: The issue is related to a NULL pointer dereference in the drivers/usb/misc/yurex.c driver, caused by a malicious USB device. This can lead to a denial of service. Recommendations: For Linux...
USN-3847-2 linux-hwe, linux-aws-hwe, linux-azure, linux-gcp vulnerabilities
USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux...
DEBIAN-CVE-2018-16276
An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...