Количество 18
Количество 18
CVE-2025-38497
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately.
CVE-2025-38497
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately.
CVE-2025-38497
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately.
CVE-2025-38497
usb: gadget: configfs: Fix OOB read on empty string write
CVE-2025-38497
In the Linux kernel, the following vulnerability has been resolved: u ...
GHSA-qhvh-q9v2-923q
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately.
BDU:2025-11510
Уязвимость модуля drivers/usb/gadget/configfs.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2025:02848-1
Security update for the Linux Kernel
SUSE-SU-2025:02849-1
Security update for the Linux Kernel
SUSE-SU-2025:03344-1
Security update for the Linux Kernel
ELSA-2025-20663
ELSA-2025-20663: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2025:03023-1
Security update for the Linux Kernel
SUSE-SU-2025:02996-1
Security update for the Linux Kernel
SUSE-SU-2025:02969-1
Security update for the Linux Kernel
SUSE-SU-2025:02853-1
Security update for the Linux Kernel
SUSE-SU-2025:02997-1
Security update for the Linux Kernel
SUSE-SU-2025:03011-1
Security update for the Linux Kernel
SUSE-SU-2025:02923-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-38497 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately. | 0% Низкий | 3 месяца назад | |
 | CVE-2025-38497 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately. | CVSS3: 7 | 0% Низкий | 3 месяца назад |
 | CVE-2025-38497 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately. | 0% Низкий | 3 месяца назад | |
 | CVE-2025-38497 usb: gadget: configfs: Fix OOB read on empty string write | 0% Низкий | 2 месяца назад | |
| CVE-2025-38497 In the Linux kernel, the following vulnerability has been resolved: u ... | 0% Низкий | 3 месяца назад | |
| GHSA-qhvh-q9v2-923q In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately. | 0% Низкий | 3 месяца назад | |
 | BDU:2025-11510 Уязвимость модуля drivers/usb/gadget/configfs.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7 | 0% Низкий | 4 месяца назад |
 | SUSE-SU-2025:02848-1 Security update for the Linux Kernel | 3 месяца назад | ||
| SUSE-SU-2025:02849-1 Security update for the Linux Kernel | 3 месяца назад | ||
| SUSE-SU-2025:03344-1 Security update for the Linux Kernel | около 1 месяца назад | ||
| ELSA-2025-20663 ELSA-2025-20663: Unbreakable Enterprise kernel security update (IMPORTANT) | 26 дней назад | ||
| SUSE-SU-2025:03023-1 Security update for the Linux Kernel | 2 месяца назад | ||
| SUSE-SU-2025:02996-1 Security update for the Linux Kernel | 2 месяца назад | ||
| SUSE-SU-2025:02969-1 Security update for the Linux Kernel | 2 месяца назад | ||
| SUSE-SU-2025:02853-1 Security update for the Linux Kernel | 3 месяца назад | ||
| SUSE-SU-2025:02997-1 Security update for the Linux Kernel | 2 месяца назад | ||
| SUSE-SU-2025:03011-1 Security update for the Linux Kernel | 2 месяца назад | ||
| SUSE-SU-2025:02923-1 Security update for the Linux Kernel | 3 месяца назад |
Уязвимостей на страницу