4 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: The secure rdrisquery check prevents integer overflow. The variables off and len, which are typed as uint32 in the rdrisquery function, are controlled by the incoming RNDIS response message. Therefore, their value...
CVE-2023-54110 usb: rndis_host: Secure rndis_query check against int overflow
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: Secure rndisquery check against int overflow Variables off and len typed as uint32 in rndisquery function are controlled by incoming RNDIS response message thus their value may be manipulated. Setting off to a...
CVE-2023-54110
The CVE-2023-54110 issue is in the Linux kernel's usb rndis_host rndis_query path, where off and len (uint32) can be influenced by a received RNDIS response, enabling an out-of-bounds access and information leakage (e.g., via OID_802_3_PERMANENT_ADDRESS). Connected advisories (SUSE, EulerOS, Astr...
PT-2025-53187
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s rndis query function where variables off and len, typed as uint32, are susceptible to manipulation through incoming RNDIS response messages. An attack...