7.8

CVE-2022-50156

HID: cp2112: prevent a buffer overflow in cp2112_xfer()

In the Linux kernel, the following vulnerability has been resolved:

HID: cp2112: prevent a buffer overflow in cp2112_xfer()

Smatch warnings:
drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy()
'data->block[1]' too small (33 vs 255)
drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'buf' too
small (64 vs 255)

The 'read_length' variable is provided by 'data->block[0]' which comes
from user and it(read_length) can take a value between 0-255. Add an
upper bound to 'read_length' variable to prevent a buffer overflow in
memcpy().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.15.1 < 4.19.256
LinuxLinux Kernel Version >= 4.20 < 5.4.211
LinuxLinux Kernel Version >= 5.5 < 5.10.137
LinuxLinux Kernel Version >= 5.11 < 5.15.61
LinuxLinux Kernel Version >= 5.16 < 5.18.18
LinuxLinux Kernel Version >= 5.19 < 5.19.2
LinuxLinux Kernel Version4.15 Update-
LinuxLinux Kernel Version4.15 Updaterc6
LinuxLinux Kernel Version4.15 Updaterc7
LinuxLinux Kernel Version4.15 Updaterc8
LinuxLinux Kernel Version4.15 Updaterc9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.083
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/3af7d60e9a6c17d6d41c4341f8020511887d372d
Patch
https://git.kernel.org/stable/c/519ff31a6ddd87aa4905bd9bf3b92e8b88801614
Patch
https://git.kernel.org/stable/c/ebda3d6b004bb6127a66a616524a2de152302ca7
Patch
https://git.kernel.org/stable/c/8489a20ac481b08c0391608d81ed3796d373cfdf
Patch
https://git.kernel.org/stable/c/e7028944e61014ae915e7fb74963d3835f2f761a
Patch
https://git.kernel.org/stable/c/26e427ac85c2b8d0d108cc80b6de34d33e2780c4
Patch
https://git.kernel.org/stable/c/381583845d19cb4bd21c8193449385f3fefa9caf
Patch