2 matches found
CVE-2024-41035
CVE-2024-41035 (Linux kernel USB core) : A duplicate-endpoint bug in usbcore was caused by assuming bEndpointAddress reserved bits are always 0, making endpoint_is_duplicate() misclassify descriptors that share direction and endpoint number. The fix clears the reserved bits when parsing endpoint ...
CVE-2023-53594
CVE-2023-53594 is a Linux kernel driver-core resource leak in device_add(): if kobject_add() fails, dev->kobj.parent is set to NULL, causing a leak in resource cleanup and potentially insmod failure for mac80211_hwsim. The initial description and EulerOS/SUSE advisories confirm the vulnerabili...