Lucene search

K
osvGoogleOSV:ASB-A-162326603
HistoryJun 01, 2022 - 12:00 a.m.

[RNDIS protocol integer overflow, resulting in memory overflow] - #1, rndis_set_response

2022-06-0100:00:00
Google
osv.dev
28
rndis protocol
integer overflow
out of bounds read
rndis_set_response
rndis.c
local information disclosure
software

EPSS

0.001

Percentile

18.0%

In rndis_set_response of rndis.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CPENameOperatorVersion
kerneleqKernel