vulnerability

Red Hat: CVE-2018-20169: missing size check in the __usb_get_extra_descriptor() leading to DoS (Multiple Advisories)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Dec 17, 2018
Added
Nov 6, 2019
Modified
Mar 13, 2024

Description

An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.

Solution(s)

redhat-upgrade-kernelredhat-upgrade-kernel-rt
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.