Linux · Linux Kernel · CVE-2016-20022
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 4.8
**Description**
The issue is related to the `usb parse endpoint` function in `drivers/usb/core/config.c`, which does not validate the `wMaxPacketSize` field of an endpoint descriptor. This problem affects products that are no longer supported by the supplier.
**Recommendations**
For Linux kernel versions prior to 4.8, update to version 4.8 or later to resolve the issue.