CVE-2026-45923
Published: May 27, 2026
Modified: May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: usb: catc: enable basic endpoint checking catc_probe() fills three URBs with hardcoded endpoint pipes without verifying the endpoint descriptors: - usb_sndbulkpipe(usbdev, 1) and usb_rcvbulkpipe(usbdev, 1) for TX/RX - usb_rcvintpipe(usbdev, 2) for interrupt status A malformed USB device can present these endpoints with transfer types that differ from what the driver assumes. Add a catc_usb_ep enum for endpoint numbers, replacing magic constants throughout. Add usb_check_bulk_endpoints() and usb_check_int_endpoints() calls after usb_set_interface() to verify endpoint types before use, rejecting devices with mismatched descriptors at probe time. Similar to - commit 90b7f2961798 ("net: usb: rtl8150: enable basic endpoint checking") which fixed the issue in rtl8150.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < eade522d3e6ac3f3bfb51bfa5b5b4b32bd0b846faffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < ac7739b78ded519e1d9919a814da3b34120bec8caffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 163d04897e57633c5d2e69734e4e4b22bb63f50daffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < a488001a8197da4f9c413eec8f6acbff71c60145affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 36c28b028efba0f42218d41fed12c47ce217c1f1+2 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.10.252 - <= 5.10.*unaffected 6.1.165 - <= 6.1.*unaffected 6.6.128 - <= 6.6.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now