Hi Szymon,
[Adding Marek]
On Wed, Nov 16, 2022 at 8:56 PM Szymon Heidrich wrote:
>
> Hello,
>
> Similar to CVE-2021-39685 affecting the Linux kernel, U-Boot is vulnerable to
> a buffer overflow present in the USB Gadget stack. Handling of a control
> transfer request with wLength larger than

Hello Szymon,
Looks like a generalization of CVE-2022-2347 I found earlier. While both I and
Venkatesh Yadav Abbarapu of AMD made patches for that CVE localized to DFU,
given the presence of the same problematic pattern elsewhere, the bounds check
aspect of that CVE fix would perhaps be better

Hello,
Similar to CVE-2021-39685 affecting the Linux kernel, U-Boot is vulnerable to a
buffer overflow present in the USB Gadget stack. Handling of a control transfer
request with wLength larger than USB_BUFSIZ (4096) may result in a buffer
overflow.
The buffer for USB control endpoint is