References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

HID: cp2112: prevent a buffer overflow in cp2112_xfer()

Smatch warnings:
drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy()
'data->block[1]' too small (33 vs 255)
drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'buf' too
small (64 vs 255)

The 'read_length' variable is provided by 'data->block[0]' which comes
from user and it(read_length) can take a value between 0-255. Add an
upper bound to 'read_length' variable to prevent a buffer overflow in
memcpy().

https://git.kernel.org/stable/c/26e427ac85c2b8d0d108cc80b6de34d33e2780c4

https://git.kernel.org/stable/c/381583845d19cb4bd21c8193449385f3fefa9caf

https://git.kernel.org/stable/c/3af7d60e9a6c17d6d41c4341f8020511887d372d

https://git.kernel.org/stable/c/519ff31a6ddd87aa4905bd9bf3b92e8b88801614

https://git.kernel.org/stable/c/8489a20ac481b08c0391608d81ed3796d373cfdf

https://git.kernel.org/stable/c/e7028944e61014ae915e7fb74963d3835f2f761a

https://git.kernel.org/stable/c/ebda3d6b004bb6127a66a616524a2de152302ca7