CVE-2020-13143 - Vulncode-DB

CVE-2020-13143 (NVD)

2020-05-18

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

Products	Ubuntu_linux, Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Bootstrap_os, Cloud_backup, Element_software, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage, Leap
Type	Out-of-bounds Read (CWE-125)
First patch	- None (likely due to unavailable code)
Patches	• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=15753588bcd4bbffae1cca33c8ced5722477fe1f • https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=d126cf46f829d146dde3e6a8963e095ac6cfcd1c
Links	• https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html • https://usn.ubuntu.com/4411-1/ • https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html • https://security.netapp.com/advisory/ntap-20200608-0001/ More/Less (9) • https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html • https://www.spinics.net/lists/linux-usb/msg194331.html • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • https://usn.ubuntu.com/4412-1/ • https://usn.ubuntu.com/4414-1/ • https://usn.ubuntu.com/4413-1/ • https://www.debian.org/security/2020/dsa-4698 • https://www.debian.org/security/2020/dsa-4699 • https://usn.ubuntu.com/4419-1/