Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-vulnerable / . / cve / published / 2023 / CVE-2023-52781.json
blob: 01e5c4753c97e1417321a6570351bf5905d35d2b [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in 'usb_get_bos_descriptor()'\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction 'usb_get_bos_descriptor()' encounters an iteration issue when\nskipping the 'USB_DT_DEVICE_CAPABILITY' descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a 'goto' statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly."
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/usb/core/config.c"
],
"versions": [
{
"version": "3dd550a2d36596a1b0ee7955da3b611c031d3873",
"lessThan": "9ef94ec8e52eaf7b9abc5b5f8f5b911751112223",
"status": "affected",
"versionType": "git"
},
{
"version": "3dd550a2d36596a1b0ee7955da3b611c031d3873",
"lessThan": "64c27b7b2357ddb38b6afebaf46d5bff4d250702",
"status": "affected",
"versionType": "git"
},
{
"version": "3dd550a2d36596a1b0ee7955da3b611c031d3873",
"lessThan": "f89fef7710b2ba0f7a1e46594e530dcf2f77be91",
"status": "affected",
"versionType": "git"
},
{
"version": "3dd550a2d36596a1b0ee7955da3b611c031d3873",
"lessThan": "7c0244cc311a4038505b73682b7c8ceaa5c7a8c8",
"status": "affected",
"versionType": "git"
},
{
"version": "3dd550a2d36596a1b0ee7955da3b611c031d3873",
"lessThan": "974bba5c118f4c2baf00de0356e3e4f7928b4cbc",
"status": "affected",
"versionType": "git"
},
{
"version": "77ce180d68beffd1af620d0121590e16683fc6b8",
"status": "affected",
"versionType": "git"
},
{
"version": "20a07e1aadcd6990893c532d1b2b507bfa065152",
"status": "affected",
"versionType": "git"
},
{
"version": "a5c051b6503c0ba543e993cfc295b64f096e0a29",
"status": "affected",
"versionType": "git"
},
{
"version": "ea4a173d8358b756a780786baa3fc39d282bdbe3",
"status": "affected",
"versionType": "git"
},
{
"version": "77d4e2a058858b4a94fc469bc1bfc94a0958e252",
"status": "affected",
"versionType": "git"
},
{
"version": "1fc15d29540a69cfb55c8b8f8c38f1af33178243",
"status": "affected",
"versionType": "git"
},
{
"version": "9f8dd40c68c176f2c3f1fc8b87bc81756856938f",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/usb/core/config.c"
],
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.203",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.142",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.66",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.4",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.7",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.10.203"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.15.142"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "6.1.66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "6.6.4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "6.7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16.79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.194"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.194"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.146"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2.17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3.1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/9ef94ec8e52eaf7b9abc5b5f8f5b911751112223"
},
{
"url": "https://git.kernel.org/stable/c/64c27b7b2357ddb38b6afebaf46d5bff4d250702"
},
{
"url": "https://git.kernel.org/stable/c/f89fef7710b2ba0f7a1e46594e530dcf2f77be91"
},
{
"url": "https://git.kernel.org/stable/c/7c0244cc311a4038505b73682b7c8ceaa5c7a8c8"
},
{
"url": "https://git.kernel.org/stable/c/974bba5c118f4c2baf00de0356e3e4f7928b4cbc"
}
],
"title": "usb: config: fix iteration issue in 'usb_get_bos_descriptor()'",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2023-52781",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}