References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

sound: ua101: fix division by zero at probe

Add a missing sanity check for bNrChannels in detect_usb_format()
to prevent a division by zero in playback_urb_complete() and
capture_urb_complete().

USB core does not validate class-specific descriptor fields such
as bNrChannels, so drivers must verify them before use. If a
device provides bNrChannels = 0, frame_bytes becomes zero and is
later used as a divisor in the URB completion handlers, leading
to a kernel crash.

https://git.kernel.org/stable/c/0ff2b713f406e9ecadb406014d74e7a020ac12b1

https://git.kernel.org/stable/c/593dd7e6c890d8e4ca21b3e2f796b7cb8e8da983

https://git.kernel.org/stable/c/6162e8212e88c39492d981b248b5e37002486c66

https://git.kernel.org/stable/c/d1f73f169c1014463b5060e3f60813e13ddc7b87

https://git.kernel.org/stable/c/f1862dbf09080254c52175a448290c784dd7d3de