gadget_dev_desc_UDC_store in... CVE-2020-13143

- AV AC AU C I A
发布: 2020-05-18
修订: 2020-09-24

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用