CVE-2022-48948
EUVD-2022-5382721.10.2024, 20:15
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvc_function_setup permits control transfer requests with up to 64 bytes of payload (UVC_MAX_REQUEST_SIZE), data stage handler for OUT transfer uses memcpy to copy req->actual bytes to uvc_event->data.data array of size 60. This may result in an overflow of 4 bytes.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 2.6.35 ≤ 𝑥 < 4.9.337 |
| linux | linux_kernel | 4.10 ≤ 𝑥 < 4.14.303 |
| linux | linux_kernel | 4.15 ≤ 𝑥 < 4.19.270 |
| linux | linux_kernel | 4.20 ≤ 𝑥 < 5.4.229 |
| linux | linux_kernel | 5.5 ≤ 𝑥 < 5.10.161 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.85 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.0.15 |
| linux | linux_kernel | 6.1 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| kernel-64kb |
| ||||||||
| kernel-azure |
| ||||||||
| kernel-default |
| ||||||||
| kernel-default-base |
| ||||||||
| kernel-docs |
| ||||||||
| kernel-macros |
| ||||||||
| kernel-obs-build |
| ||||||||
| kernel-source |
| ||||||||
| kernel-source-azure |
| ||||||||
| kernel-syms |
| ||||||||
| kernel-syms-azure |
| ||||||||
| kernel-zfcpdump |
| ||||||||
| reiserfs-kmp-default |
|
References