PT-2022-1355 · Linux+6 · Linux Kernel+6

Szymon Heidrich

·

Published

2022-02-20

·

Updated

2023-08-14

·

CVE-2022-25375

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.16.10
Description The issue is related to the RNDIS USB gadget in the Linux kernel, which lacks validation of the size of the RNDIS MSG SET command. This can allow attackers to obtain sensitive information from kernel memory. The vulnerability is associated with information disclosure and can be exploited to gain unauthorized access to protected information.
Recommendations For Linux kernel versions prior to 5.16.10, update to version 5.16.10 or later to resolve the issue. As a temporary workaround, consider disabling the RNDIS USB gadget functionality until a patch is available. Restrict access to the rndis set response function in rndis.c to minimize the risk of exploitation. Avoid using the RNDIS MSG SET command in the affected API endpoint until the issue is resolved.

Exploit

Fix

Information Disclosure

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-1284CWE-668

Related Identifiers

ALT-PU-2022-1387
ALT-PU-2022-1456
ALT-PU-2022-1647
ALT-PU-2022-2155
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
ASB-A-162326603
AZL-8656
BDU:2022-00891
CVE-2022-25375
DLA-2940-1
DLA-2941-1
DSA-5092-1
DSA-5096-1
MGASA-2022-0092
MGASA-2022-0095
OESA-2022-1559
OPENSUSE-SU-2022:0755-1
OPENSUSE-SU-2022:0760-1
OPENSUSE-SU-2022_0755-1
OPENSUSE-SU-2022_0760-1
SUSE-SU-2022:0755-1
SUSE-SU-2022:0759-1
SUSE-SU-2022:0760-1
SUSE-SU-2022:0763-1
SUSE-SU-2022:1257-1
USN-5415-1
USN-5417-1
USN-5418-1
USN-5540-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu