216.73.216.86

CVE-2022-48866

· Published 16/07/2024 13:15 · Modified 16/07/2024 13:43

Labels: CVE-2022-48866 2024-07-16416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2022-48866

Essential information

Published
16/07/2024 13:15
Modified
16/07/2024 13:43
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts Syzbot reported an slab-out-of-bounds Read in thrustmaster_probe() bug. The root case is in missing validation check of actual number of endpoints. Code should not blindly access usb_host_interface::endpoint array, since it may contain less endpoints than code expects. Fix it by adding missing validaion check and print an error if number of endpoints do not match expected number

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

References