Back to search
CVE-2022-48948
Published: Oct 21, 2024
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvc_function_setup permits control transfer requests with up to 64 bytes of payload (UVC_MAX_REQUEST_SIZE), data stage handler for OUT transfer uses memcpy to copy req->actual bytes to uvc_event->data.data array of size 60. This may result in an overflow of 4 bytes.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected cdda479f15cd13fa50a913ca85129c0437cc7b91 - < 4972e3528b968665b596b5434764ff8fd9446d35affected cdda479f15cd13fa50a913ca85129c0437cc7b91 - < 06fd17ee92c8f1704c7e54ec0fd50ae0542a49a5affected cdda479f15cd13fa50a913ca85129c0437cc7b91 - < bc8380fe5768c564f921f7b4eaba932e330b9e4baffected cdda479f15cd13fa50a913ca85129c0437cc7b91 - < b8fb1cba934ea122b50f13a4f9d6fc4fdc43d2beaffected cdda479f15cd13fa50a913ca85129c0437cc7b91 - < c79538f32df12887f110dcd6b9c825b482905f24+4 more versions |
Linux | Linux | affected 2.6.35unaffected 0 - < 2.6.35unaffected 4.9.337 - <= 4.9.*unaffected 4.14.303 - <= 4.14.*unaffected 4.19.270 - <= 4.19.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now