DEBIAN-CVE-2018-19985
The function hsogetconfigdata in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads ifnum from the USB device as a u8 and uses it to index a small array, resulting in an object out-of-bounds OOB read that potentially allows arbitrary read in the kernel address space...