VYPR
Unrated severityNVD Advisory· Published Feb 16, 2022· Updated Aug 3, 2024

CVE-2022-25258

CVE-2022-25258

Description

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

121

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.