net: usb: smsc95xx: Limit packet length to skb->len
3Vexday Risk Score
No sign of exploitation. No public exploitation artifact known so far.
ssvc Trackepss 0.2%
exploitation probability
0.2%top 94% of all CVEs
observed exploitation
nono source reports it
In the Linux kernel, the following vulnerability has been resolved:
net: usb: smsc95xx: Limit packet length to skb->len
Packet length retrieved from descriptor may be larger than
the actual socket buffer length. In such case the cloned
skb passed up the network stack will leak kernel memory contents.
Affected products
Linux · LinuxReferences
https://git.kernel.org/stable/c/33d1603a38e05886c538129ddfe00bd52d347e7bhttps://git.kernel.org/stable/c/70eb25c6a6cde149affe8a587371a3a8ad295ba0https://git.kernel.org/stable/c/733580e268a53db1cd01f2251419da91866378f6https://git.kernel.org/stable/c/ba6c40227108f8ee428e42eb0337b48ed3001e65https://git.kernel.org/stable/c/d3c145a4d24b752c9a1314d5a595014d51471418https://git.kernel.org/stable/c/e041bef1adee02999cf24f9a2e15ed452bc363fehttps://git.kernel.org/stable/c/f2111c791d885211714db85f9a06188571c57dd0https://git.kernel.org/stable/c/ff821092cf02a70c2bccd2d19269f01e29aa52cf