Szymon Heidrich

2 exploits Active since Feb 2022

CVE-2022-25258 WRITEUP MEDIUM WRITEUP

Linux Kernel < 5.16.10 - Memory Corruption via USB Gadget Interface OS Descriptor Request

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

CVSS 4.6

View Code

CVE-2022-27223 WRITEUP HIGH WRITEUP

Linux Kernel < 5.16.12 - Out-of-Bounds Write via USB Gadget Endpoint Index

In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.

CVSS 8.8

View Code