INFO

CVE-2026-46167 usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl

Microsoft Security Response Center • May 29, 2026

INFO

CVE-2026-46109 usb: ulpi: fix memory leak on ulpi_register() error paths

Microsoft Security Response Center • May 29, 2026

INFO

CVE-2026-23679 libusb < 1.0.30 NULL Pointer Dereference in parse_interface()

Microsoft Security Response Center • May 28, 2026

MEDIUM

CVE-2026-47104 libusb < 1.0.30 Out-of-Bounds Read in parse_iad_array()

Microsoft Security Response Center • May 28, 2026

MEDIUM

CVE-2026-31725 usb: gadget: f_ecm: Fix net_device lifecycle with device_move

Microsoft Security Response Center • May 11, 2026

HIGH

CVE-2026-31724 usb: gadget: f_eem: Fix net_device lifecycle with device_move

Microsoft Security Response Center • May 11, 2026

INFO

CVE-2026-23365 net: usb: kalmia: validate USB endpoints

Microsoft Security Response Center • Apr 26, 2026

INFO

CVE-2026-31616 usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete()

Microsoft Security Response Center • Apr 26, 2026

INFO

CVE-2026-31607 usbip: validate number_of_packets in usbip_pack_ret_submit()

Microsoft Security Response Center • Apr 26, 2026

INFO

CVE-2026-31615 usb: gadget: renesas_usb3: validate endpoint index in standard request handlers

Microsoft Security Response Center • Apr 26, 2026

MEDIUM

CVE-2026-31606 usb: gadget: f_hid: don't call cdev_init while cdev in use

Microsoft Security Response Center • Apr 26, 2026

INFO

CVE-2026-23324 can: usb: etas_es58x: correctly anchor the urb in the read bulk callback

Microsoft Security Response Center • Apr 25, 2026

INFO

CVE-2026-23446 net: usb: aqc111: Do not perform PM inside suspend callback

Microsoft Security Response Center • Apr 25, 2026

INFO

BTS #67 - BIOS Password Cracking, Secure Boot, and Stackwarp

Eclypsium • Jan 27, 2026