Vulnerabilities

CVE-2022-25258

by Fred · 16/02/2022

An issue was discovered in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

Date published : 2022-02-16

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10

https://github.com/szymonh/d-os-descriptor

Similar

Tags: Cybersecurity Alert