CVE-2018-20169
CVE-2018-20169
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=704620afc70cf47abb9d6a1a57f3825d2bca49cfhttps://access.redhat.com/errata/RHSA-2019:3309https://access.redhat.com/errata/RHSA-2019:3517https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.9https://github.com/torvalds/linux/commit/704620afc70cf47abb9d6a1a57f3825d2bca49cfhttps://lists.debian.org/debian-lts-announce/2019/03/msg00034.htmlhttps://lists.debian.org/debian-lts-announce/2019/04/msg00004.htmlhttps://lists.debian.org/debian-lts-announce/2019/05/msg00002.htmlhttps://usn.ubuntu.com/3879-1/https://usn.ubuntu.com/3879-2/https://usn.ubuntu.com/4094-1/https://usn.ubuntu.com/4118-1/