In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix bulk-buffer overflow The driver is using endpoint-sized buffers but must not assume that the tx and rx buffers are of equal size or a malicious device could overflow the slab-allocated receive buffer when doing bulk transfers.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | < 5.15.3-1 | linux_5.15.3-1_all.deb |
Debian | 11 | all | linux | < 5.10.84-1 | linux_5.10.84-1_all.deb |
Debian | 10 | all | linux | < 4.19.232-1 | linux_4.19.232-1_all.deb |
Debian | 999 | all | linux | < 5.15.3-1 | linux_5.15.3-1_all.deb |
Debian | 13 | all | linux | < 5.15.3-1 | linux_5.15.3-1_all.deb |