CVE-2022-27223

In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.
Configurations

Configuration 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Information

Published : 2022-03-16 12:15

Updated : 2023-01-19 03:24


NVD link : CVE-2022-27223

Mitre link : CVE-2022-27223

Products Affected
No products.
CWE
CWE-129

Improper Validation of Array Index