SB2024071751 - Out-of-bounds read in Linux kernel net usb driver
Published: July 17, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024071751
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2022-48805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ax88179_rx_fixup() function in drivers/net/usb/ax88179_178a.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/711b6bf3fb052f0a6b5b3205d50e30c0c2980382
- https://git.kernel.org/stable/c/63f0cfb36c1f1964a59ce544156677601e2d8740
- https://git.kernel.org/stable/c/1668781ed24da43498799aa4f65714a7de201930
- https://git.kernel.org/stable/c/a0fd5492ee769029a636f1fb521716b022b1423d
- https://git.kernel.org/stable/c/758290defe93a865a2880d10c5d5abd288b64b5d
- https://git.kernel.org/stable/c/ffd0393adcdcefab7e131488e10dcfde5e02d6eb
- https://git.kernel.org/stable/c/9681823f96a811268265f35307072ad80713c274
- https://git.kernel.org/stable/c/57bc3d3ae8c14df3ceb4e17d26ddf9eeab304581
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.268
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.231
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.303
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.24
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.180