4 matches found
Siemens Ruggedcom ROX Missing Lock Check (CVE-2022-48926)
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list. It could cause list corruption if there're two different listadd at the same time like below. It's better to add in rndisaddrespons...
CVE-2023-54110 usb: rndis_host: Secure rndis_query check against int overflow
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: Secure rndisquery check against int overflow Variables off and len typed as uint32 in rndisquery function are controlled by incoming RNDIS response message thus their value may be manipulated. Setting off to a...
CVE-2022-48926
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list. It could cause list corruption if there're two different listadd at the same time like below. It's better to add in rndisaddrespons...
PT-2022-7485 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to a lack of locking in the rndis response list, which could cause list corruption if two different list add operations occur at the same time. This issue...