High severity8.4OSV Advisory· Published Jun 27, 2024· Updated Jun 17, 2026
CVE-2016-20022
CVE-2016-20022
Description
In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- Range: v2.6.12-rc2, v2.6.12-rc3, v2.6.12-rc4, …
- osv-coords6 versionspkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20COREpkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20COREpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20COREpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20COREpkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20COREpkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
< 3.0.101-108.159.1+ 5 more
- (no CPE)range: < 3.0.101-108.159.1
- (no CPE)range: < 3.0.101-108.159.1
- (no CPE)range: < 3.0.101-108.159.1
- (no CPE)range: < 3.0.101-108.159.1
- (no CPE)range: < 3.0.101-108.159.1
- (no CPE)range: < 3.0.101-108.159.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.