In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: aspeed_udc: validate endpoint index for ast udc
We should verify the bound of the array to assure that host
may not manipulate the index to point past endpoint array.
Found by static analysis.
References
Configurations
Configuration 1 (hide)
|
History
09 Oct 2024, 15:47
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-129 | |
First Time |
Linux linux Kernel
Linux |
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | () https://git.kernel.org/stable/c/31bd4fab49c0adc6228848357c1b1df9395858af - Patch | |
References | () https://git.kernel.org/stable/c/6fe9ca2ca389114c8da66e534c18273497843e8a - Patch | |
References | () https://git.kernel.org/stable/c/b2a50ffdd1a079869a62198a8d1441355c513c7c - Patch | |
References | () https://git.kernel.org/stable/c/ee0d382feb44ec0f445e2ad63786cd7f3f6a8199 - Patch |
30 Sep 2024, 12:45
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 Sep 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-27 13:15
Updated : 2024-10-09 15:47
NVD link : CVE-2024-46836
Mitre link : CVE-2024-46836
CVE.ORG link : CVE-2024-46836
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-129
Improper Validation of Array Index