vulnerability
Red Hat: CVE-2018-20169: missing size check in the __usb_get_extra_descriptor() leading to DoS (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Dec 17, 2018 | Nov 6, 2019 | Mar 13, 2024 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Dec 17, 2018
Added
Nov 6, 2019
Modified
Mar 13, 2024
Description
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
Solution(s)
redhat-upgrade-kernelredhat-upgrade-kernel-rt

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.