In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: rndis: prevent integer overflow in rndis_set_response()
If “BufOffset” is very large the “BufOffset + 8” operation can have an
integer overflow.
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/usb/gadget/function/rndis.c"
],
"versions": [
{
"version": "ff0a90739925",
"lessThan": "8b3e4d26bc9c",
"status": "affected",
"versionType": "git"
},
{
"version": "4c22fbcef778",
"lessThan": "c7953cf03a26",
"status": "affected",
"versionType": "git"
},
{
"version": "db9aaa302629",
"lessThan": "138d4f739b35",
"status": "affected",
"versionType": "git"
},
{
"version": "c9e952871ae4",
"lessThan": "218293762683",
"status": "affected",
"versionType": "git"
},
{
"version": "fb4ff0f96de3",
"lessThan": "28bc0267399f",
"status": "affected",
"versionType": "git"
},
{
"version": "2da3b0ab54fb",
"lessThan": "56b38e3ca406",
"status": "affected",
"versionType": "git"
},
{
"version": "2724ebafda0a",
"lessThan": "df7e088d51cd",
"status": "affected",
"versionType": "git"
},
{
"version": "38ea1eac7d88",
"lessThan": "65f3324f4b6f",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/usb/gadget/function/rndis.c"
],
"versions": [
{
"version": "4.9.302",
"lessThan": "4.9.308",
"status": "affected",
"versionType": "custom"
},
{
"version": "4.14.267",
"lessThan": "4.14.273",
"status": "affected",
"versionType": "custom"
},
{
"version": "4.19.230",
"lessThan": "4.19.236",
"status": "affected",
"versionType": "custom"
},
{
"version": "5.4.180",
"lessThan": "5.4.187",
"status": "affected",
"versionType": "custom"
},
{
"version": "5.10.101",
"lessThan": "5.10.108",
"status": "affected",
"versionType": "custom"
},
{
"version": "5.15.24",
"lessThan": "5.15.31",
"status": "affected",
"versionType": "custom"
},
{
"version": "5.16.10",
"lessThan": "5.16.17",
"status": "affected",
"versionType": "custom"
}
]
}
]
git.kernel.org/stable/c/138d4f739b35dfb40438a0d5d7054965763bfbe7
git.kernel.org/stable/c/21829376268397f9fd2c35cfa9135937b6aa3a1e
git.kernel.org/stable/c/28bc0267399f42f987916a7174e2e32f0833cc65
git.kernel.org/stable/c/56b38e3ca4064041d93c1ca18828c8cedad2e16c
git.kernel.org/stable/c/65f3324f4b6fed78b8761c3b74615ecf0ffa81fa
git.kernel.org/stable/c/8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b
git.kernel.org/stable/c/c7953cf03a26876d676145ce5d2ae6d8c9630b90
git.kernel.org/stable/c/df7e088d51cdf78b1a0bf1f3d405c2593295c7b0