Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-17
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
Products | Ubuntu_linux, Debian_linux, Linux_kernel |
Type | Uncontrolled Resource Consumption (CWE-400) |
First patch |
https://github.com/torvalds/linux/commit/704620afc70cf47abb9d6a1a57f3825d2bca49cf |
Relevant file/s |
• ./drivers/usb/core/hub.c (modified, +1, -1)
• ./drivers/usb/core/usb.c (modified, +3, -3) • ./drivers/usb/host/hwa-hc.c (modified, +1, -1) • ./include/linux/usb.h (modified, +2, -2) |
Links |
• http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=704620afc70cf47abb9d6a1a57f3825d2bca49cf
• https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.9 • https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html • https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html • https://usn.ubuntu.com/3879-1/ |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: