VYPR
Medium severity6.5NVD Advisory· Published May 18, 2020· Updated Jun 17, 2026

CVE-2020-13143

CVE-2020-13143

Description

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

133

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.