Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-52781
HistoryMay 21, 2024 - 12:00 a.m.

CVE-2023-52781

2024-05-2100:00:00
ubuntu.com
ubuntu.com
5
linux kernel
usb
bos descriptor

AI Score

6.5

Confidence

High

EPSS

0

Percentile

15.5%

In the Linux kernel, the following vulnerability has been resolved: usb:
config: fix iteration issue in ‘usb_get_bos_descriptor()’ The BOS
descriptor defines a root descriptor and is the base descriptor for
accessing a family of related descriptors. Function
‘usb_get_bos_descriptor()’ encounters an iteration issue when skipping the
‘USB_DT_DEVICE_CAPABILITY’ descriptor type. This results in the same
descriptor being read repeatedly. To address this issue, a ‘goto’ statement
is introduced to ensure that the pointer and the amount read is updated
correctly. This ensures that the function iterates to the next descriptor
instead of reading the same descriptor repeatedly.