Lucene search

K
cvelistMitreCVELIST:CVE-2022-25258
HistoryFeb 16, 2022 - 12:00 a.m.

CVE-2022-25258

2022-02-1600:00:00
mitre
www.cve.org

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.3%

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.