7.1

CVE-2026-43427

usb: class: cdc-wdm: fix reordering issue in read code path

In the Linux kernel, the following vulnerability has been resolved:

usb: class: cdc-wdm: fix reordering issue in read code path

Quoting the bug report:

Due to compiler optimization or CPU out-of-order execution, the
desc->length update can be reordered before the memmove. If this
happens, wdm_read() can see the new length and call copy_to_user() on
uninitialized memory. This also violates LKMM data race rules [1].

Fix it by using WRITE_ONCE and memory barriers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.26.1 < 5.10.253
LinuxLinux Kernel Version >= 5.11 < 5.15.203
LinuxLinux Kernel Version >= 5.16 < 6.1.167
LinuxLinux Kernel Version >= 6.2 < 6.6.130
LinuxLinux Kernel Version >= 6.7 < 6.12.78
LinuxLinux Kernel Version >= 6.13 < 6.18.19
LinuxLinux Kernel Version >= 6.19 < 6.19.9
LinuxLinux Kernel Version2.6.26 Update-
LinuxLinux Kernel Version2.6.26 Updaterc4
LinuxLinux Kernel Version2.6.26 Updaterc5
LinuxLinux Kernel Version2.6.26 Updaterc6
LinuxLinux Kernel Version2.6.26 Updaterc7
LinuxLinux Kernel Version2.6.26 Updaterc8
LinuxLinux Kernel Version2.6.26 Updaterc9
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
LinuxLinux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.031
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/638328ca9c17ae6511ad62198c57bae32ffa3c91
Patch
https://git.kernel.org/stable/c/170e8daca24da6edb4be82ab01abf44e87af387b
Patch
https://git.kernel.org/stable/c/c8fa96ed021923dae147bcd9f9205b8df7b82360
Patch
https://git.kernel.org/stable/c/4ee3062bf2c9a722afef429826e8607eaf3fc6a0
Patch
https://git.kernel.org/stable/c/276aef0fd2b92f41b920ac891c72cadeee957934
Patch
https://git.kernel.org/stable/c/67ed312124bb1b61858778ac0b985b48961c862a
Patch
https://git.kernel.org/stable/c/e3c874b05901dc519054b5107d16620e6d2b5fea
Patch
https://git.kernel.org/stable/c/8df672bfe3ec2268c2636584202755898e547173
Patch