Описание
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
Ссылки
- Mailing ListPatchRelease NotesThird Party Advisory
- Mailing ListPatchRelease NotesThird Party Advisory
- Release NotesThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party Advisory
- Mailing ListPatchRelease NotesThird Party Advisory
- Mailing ListPatchRelease NotesThird Party Advisory
- Release NotesThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux ...
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
Уязвимость функции hso_get_config_data ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.6 Medium
CVSS3
2.1 Low
CVSS2