CVE-2026-43432
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:03
- Zuletzt bearbeitet 20.05.2026 18:18:34
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhci_disable_slot() xhci_alloc_command() allocates a command structure and, when the second argument is true, also allocates a completion structure. C...
CVE-2026-43430
- EPSS 0.09%
- Veröffentlicht 08.05.2026 14:22:02
- Zuletzt bearbeitet 20.05.2026 18:22:23
In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submit...
CVE-2026-43428
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:01
- Zuletzt bearbeitet 20.05.2026 18:26:17
In the Linux kernel, the following vulnerability has been resolved: USB: core: Limit the length of unkillable synchronous timeouts The usb_control_msg(), usb_bulk_msg(), and usb_interrupt_msg() APIs in usbcore allow unlimited timeout durations. An...
CVE-2026-43429
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:01
- Zuletzt bearbeitet 20.05.2026 18:23:12
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts The usbtmc driver accepts timeout values specified by the user in an ioctl command, and uses these timeouts fo...
CVE-2026-43427
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:22:00
- Zuletzt bearbeitet 20.05.2026 18:29:41
In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc->length update can be reor...
CVE-2026-43425
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:21:59
- Zuletzt bearbeitet 20.05.2026 18:35:46
In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800_device_read() submits download_urb and waits for completion. If the timeout fires and the device has not responded, the func...
CVE-2026-43426
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:21:59
- Zuletzt bearbeitet 20.05.2026 18:32:36
In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: fix use-after-free in ISR during device removal In usbhs_remove(), the driver frees resources (including the pipe array) while the interrupt handler (usbhs_inte...
CVE-2026-43424
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:21:58
- Zuletzt bearbeitet 20.05.2026 18:37:33
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Fix NULL pointer dereferences in nexus handling The `tpg->tpg_nexus` pointer in the USB Target driver is dynamically managed and tied to userspace configuration...
- EPSS 0.02%
- Veröffentlicht 08.05.2026 14:21:57
- Zuletzt bearbeitet 12.05.2026 14:10:27
In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncm_bind Commit 56a512a9b410 ("usb: gadget: f_ncm: align net_device lifecycle with bind/unbind") deferred the allocation of the net_device. This chang...
- EPSS 0.01%
- Veröffentlicht 08.05.2026 14:21:57
- Zuletzt bearbeitet 12.05.2026 14:10:27
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix atomic context locking issue The ncm_set_alt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function ins...