vulnerability
Red Hat OpenShift: CVE-2018-20169: kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Dec 17, 2018 | Dec 29, 2020 | Mar 30, 2026 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Dec 17, 2018
Added
Dec 29, 2020
Modified
Mar 30, 2026
Description
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
Solution
linuxrpm-upgrade-redhat-coreos
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.