Description
In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which probing can overwrite already retrieved data.
References (8)
Core 8
Core References
Scores
CVSS v3
4.7
EPSS
0.0009
EPSS Percentile
0.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-362
Status
published
Products (35)
linux/Kernel
2.6.37 - 5.10.253linux
linux/Kernel
5.11.0 - 5.15.203linux
linux/Kernel
5.16.0 - 6.1.167linux
linux/Kernel
6.13.0 - 6.18.19linux
linux/Kernel
6.19.0 - 6.19.9linux
linux/Kernel
6.2.0 - 6.6.130linux
linux/Kernel
6.7.0 - 6.12.78linux
Linux/Linux
< 2.6.37
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 3cec135415a89723e2d38e1c8cc5098203355965
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 687d26d43a5aaf44323ce7d601cf242bb87e9559
... and 25 more
Published
May 08, 2026
Tracked Since
May 08, 2026