4.6
CVSSv3

CVE-2022-25258

Published: 16/02/2022 Updated: 11/05/2022
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 4.6 | Impact Score: 3.6 | Exploitability Score: 0.9
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

An issue exists in drivers/usb/gadget/composite.c in the Linux kernel prior to 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

fedoraproject fedora 35

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

Vendor Advisories

An issue was discovered in the Linux kernel before 51610 The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval) Memory corruption might occur ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2021-43976 Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the mwifiex_usb_recv() function of the Marvell WiFi-Ex USB Driver An attacker able to connect a crafted USB device can ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-29374 Jann Horn of Google reported a flaw in Linux's virtual memory management A parent and child process initially share all their memory, but when either writes to a shared page, ...

Github Repositories

d-os-descriptor Summary The USB Gadget Subsystem includes security issues in the OS descriptor handling section of composite_setup function (compositec) Processing of properly crafted control transfer request messages result in device crash due to null pointer dereference or memory corruption Description The OS descriptor handling section of composite_setup for interface rec

PoC in GitHub 2022 CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a f