Published: 16/03/2022 Updated: 08/02/2024

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel prior to 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
netapp active iq unified manager -
netapp h500s_firmware -
netapp h700s_firmware -
netapp h300e_firmware -
netapp h500e_firmware -
netapp h700e_firmware -
netapp h410s_firmware -
netapp h300s_firmware -
debian debian linux 9.0

Several security issues were fixed in the Linux kernel ...

In drivers/usb/gadget/udc/udc-xilinxc in the Linux kernel before 51612, the endpoint index is not validated and might be manipulated by the host for out-of-array access ...

CWE-129 https://github.com/torvalds/linux/commit/7f14c7227f342d9932f9b918893c8814f86d2a0d https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.12 https://security.netapp.com/advisory/ntap-20220419-0001/https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://nvd.nist.gov https://ubuntu.com/security/notices/USN-5413-1

CVE-2022-27223

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect