4 matches found
CVE-2022-29223
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with bNbPorts set to a value greater than UXMAXTT which defaults to 8. For a bNbPorts value of...
CVE-2022-29223
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with bNbPorts set to a value greater than UXMAXTT which defaults to 8. For a bNbPorts value of...
CVE-2022-29223 Buffer overflow on HUB descriptor in Azure RTOS USBX
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with bNbPorts set to a value greater than UXMAXTT which defaults to 8. For a bNbPorts value of...
CVE-2022-29223
Azure RTOS USBX contains a buffer overflow vulnerability in the USB host stack when processing a HUB descriptor with bNbPorts greater than UX_MAX_TT (default 8) in versions prior to 6.1.10. In particular, a HUB descriptor with bNbPorts = 255 can cause ux_host_class_hub_descriptor_get to write bey...