Description
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.
References (3)
Core 3
Core References
Mailing List, Patch
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce33e64c1788912976b61314b56935abd4bc97ef
Third Party Advisory
https://security.netapp.com/advisory/ntap-20231116-0004/
Scores
CVSS v3
5.5
EPSS
0.0002
EPSS Percentile
7.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-770
Status
published
Products (3)
linux/linux_kernel
< 6.2.5
netapp/active_iq_unified_manager
netapp/h410c_firmware
Published
Oct 14, 2023
Tracked Since
Feb 18, 2026