VYPR

HoRNDIS

by HoRNDIS

CVEs (1)

  • CVE-2020-15137MedAug 12, 2020
    risk 0.36cvss 5.5epss 0.00

    All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines. A malicious USB device can trigger disclosure of unrelated kernel memory to userspace applications on the host, or can cause the kernel to crash. Kernel memory disclosure is…