7 matches found
Bluetooth: btusb: clamp SCO altsetting table indices
...
CVE-2025-55099
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in uxhostclassaudioalternatesettinglocate when parsing a descriptor with attacker-controlled frequency fields...
CVE-2025-55099
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in uxhostclassaudioalternatesettinglocate when parsing a descriptor with attacker-controlled frequency fields...
CVE-2025-55099
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in uxhostclassaudioalternatesettinglocate when parsing a descriptor with attacker-controlled frequency fields...
EUVD-2025-34865
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in uxhostclassaudioalternatesettinglocate when parsing a descriptor with attacker-controlled frequency fields...
CVE-2025-55099 Potential out-of-bounds read in _ux_host_class_audio_alternate_setting_locate()
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in uxhostclassaudioalternatesettinglocate when parsing a descriptor with attacker-controlled frequency fields...
CVE-2025-55099
CVE-2025-55099 concerns Eclipse ThreadX USBX prior to 6.4.3, where the USB support module has a potential out-of-bounds read in _ux_host_class_audio_alternate_setting_locate() when parsing a descriptor with attacker-controlled frequency fields. Red Hat and multiple sources reiterate this exact is...