Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2022-25258

Related Vulnerabilities: CVE-2022-25258  

An issue was discovered in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

Source

Description

The MITRE CVE dictionary describes this issue as:

An issue was discovered in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

Additional Information

  • Bugzilla 2055502: CVE-2022-25258 kernel: security issues in the OS descriptor handling section of composite_setup function (composite.c)
  • FAQ: Frequently asked questions about CVE-2022-25258

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started