PT-2022-1368 · Linux+6 · Linux Kernel+6

Szymon Heidrich

·

Published

2022-02-16

·

Updated

2023-08-14

·

CVE-2022-25258

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.16.10
Description The issue is related to the USB Gadget subsystem in the Linux kernel, which lacks certain validation of interface OS descriptor requests. This can lead to memory corruption. The vulnerability is associated with a missing bounds check in the composite setup function of composite.c, allowing for a possible out of bounds write. This could lead to local escalation of privilege when connecting a malicious USB device, with no additional execution privileges needed. User interaction is not required for exploitation.
Recommendations For Linux kernel versions prior to 5.16.10, update to version 5.16.10 or later to resolve the issue. As a temporary workaround, consider restricting the use of USB devices to minimize the risk of exploitation.

Fix

NULL Pointer Dereference

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476CWE-119

Related Identifiers

ALT-PU-2022-1387
ALT-PU-2022-1456
ALT-PU-2022-1647
ALT-PU-2022-2155
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
ASB-A-222023189
AZL-8655
BDU:2022-00888
CVE-2022-25258
DLA-2940-1
DLA-2941-1
DSA-5092-1
DSA-5096-1
MGASA-2022-0092
MGASA-2022-0095
OESA-2022-1559
OPENSUSE-SU-2022:1037-1
OPENSUSE-SU-2022:1039-1
OPENSUSE-SU-2022_1037-1
OPENSUSE-SU-2022_1039-1
SUSE-SU-2022:0759-1
SUSE-SU-2022:1037-1
SUSE-SU-2022:1038-1
SUSE-SU-2022:1039-1
SUSE-SU-2022:1257-1
USN-5415-1
USN-5417-1
USN-5418-1
USN-5540-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu