PT-2026-43790 · Linux · Linux
Published: 2026-05-27 · Updated: 2026-05-27 · CVE-2026-45923
Severity: None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
net: usb: catc: enable basic endpoint checking
catc_probe() fills three URBs with hardcoded endpoint pipes without
verifying the endpoint descriptors:
- usb_sndbulkpipe(usbdev, 1) and usb_rcvbulkpipe(usbdev, 1) for TX/RX
- usb_rcvintpipe(usbdev, 2) for interrupt status
A malformed USB device can present these endpoints with transfer types
that differ from what the driver assumes.
Add a catc_usb_ep enum for endpoint numbers, replacing magic constants
throughout. Add usb_check_bulk_endpoints() and usb_check_int_endpoints()
calls after usb_set_interface() to verify endpoint types before use,
rejecting devices with mismatched descriptors at probe time.
Similar to commit 90b7f2961798 ("net: usb: rtl8150: enable basic endpoint checking") which fixed the issue in rtl8150.
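The probe-time rule described above, modelled in user-space C as an added example (it is not the kernel patch or the driver's own code): a device is accepted only if endpoint 1 is bulk in both directions and endpoint 2 IN is interrupt. The names model_ep, ep_desc, ep_has_type and model_endpoints_ok, and the sample descriptors, are assumptions made for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* USB specification values (as in linux/usb/ch9.h). */
#define USB_DIR_IN        0x80
#define USB_DIR_OUT       0x00
#define USB_XFERTYPE_MASK 0x03
#define USB_XFER_BULK     0x02
#define USB_XFER_INT      0x03

/* Endpoint numbers from the description: 1 for TX/RX, 2 for status. */
enum model_ep { MODEL_EP_BULK = 1, MODEL_EP_INT = 2 };

struct ep_desc {
    uint8_t bEndpointAddress; /* direction bit | endpoint number */
    uint8_t bmAttributes;     /* low two bits: transfer type */
};

/* True only if an endpoint with this exact address has this type. */
static bool ep_has_type(const struct ep_desc *eps, size_t n,
                        uint8_t addr, uint8_t type)
{
    for (size_t i = 0; i < n; i++)
        if (eps[i].bEndpointAddress == addr)
            return (eps[i].bmAttributes & USB_XFERTYPE_MASK) == type;
    return false; /* endpoint absent: reject as well */
}

/* Hypothetical probe-time gate: accept only the layout the driver assumes. */
bool model_endpoints_ok(const struct ep_desc *eps, size_t n)
{
    return ep_has_type(eps, n, USB_DIR_OUT | MODEL_EP_BULK, USB_XFER_BULK) &&
           ep_has_type(eps, n, USB_DIR_IN | MODEL_EP_BULK, USB_XFER_BULK) &&
           ep_has_type(eps, n, USB_DIR_IN | MODEL_EP_INT, USB_XFER_INT);
}

/* Constructed sample descriptors {address, attributes}, not from hardware. */
static const struct ep_desc sample_good[] = {{0x01, 2}, {0x81, 2}, {0x82, 3}};
static const struct ep_desc sample_bad[] = {{0x01, 2}, {0x81, 2}, {0x82, 2}};
static const struct ep_desc sample_missing[] = {{0x01, 2}, {0x82, 3}};

int main(void)
{
    /* Exit 0 when the good layout passes and both malformed ones fail. */
    return !(model_endpoints_ok(sample_good, 3) &&
             !model_endpoints_ok(sample_bad, 3) &&
             !model_endpoints_ok(sample_missing, 2));
}
```

sample_bad advertises endpoint 0x82 as bulk where the driver expects interrupt, and sample_missing omits the bulk IN endpoint; both are rejected before any URB would be filled.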
Affected Products
Linux