GHSA-x48h-3p3j-rpqg

Опубликовано: 09 дек. 2025

Источник: github

Github: Не прошло ревью

Описание

In the Linux kernel, the following vulnerability has been resolved:

usb: early: xhci-dbc: Fix a potential out-of-bound memory access

If xdbc_bulk_write() fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbc_trace() is called.

Reserve an extra byte, which will be zeroed automatically because 'buf' is a static variable, in order to avoid troubles, should it happen.

In the Linux kernel, the following vulnerability has been resolved:

usb: early: xhci-dbc: Fix a potential out-of-bound memory access

If xdbc_bulk_write() fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbc_trace() is called.

Reserve an extra byte, which will be zeroed automatically because 'buf' is a static variable, in order to avoid troubles, should it happen.

Ссылки

EPSS

Процентиль: 6%

0.00025

Низкий

CVE ID

CVE-2023-53840

Связанные уязвимости

CVE-2023-53840

ubuntu

2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbc_bulk_write() fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbc_trace() is called. Reserve an extra byte, which will be zeroed automatically because 'buf' is a static variable, in order to avoid troubles, should it happen.