Usbtmc driver Bug Fix
CVE-2022-48834

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 July 2024

What is CVE-2022-48834?

A vulnerability exists in the usbtmc driver of the Linux kernel, where the usbtmc_ioctl_request() function incorrectly uses usb_rcvctrlpipe() for all transfers, regardless of their direction. This misconfiguration leads to a mismatch in the expected control transfer direction, potentially resulting in unexpected behavior during USB communications. The issue was reported by the syzbot fuzzer, highlighting a need for a fix to correct the handling of control transfers to ensure proper operation and prevent potential disruptions in device communication.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 658f24f4523e41cda6a389c38b763f4c0cad6fbc < 700a0715854c1e79a73341724ce4f5bb01abc016

Linux 658f24f4523e41cda6a389c38b763f4c0cad6fbc < 10a805334a11acd547602d6c4cf540a0f6ab5c6e

Linux 658f24f4523e41cda6a389c38b763f4c0cad6fbc

References

https://git.kernel.org/stable/c/700a0715854c1e79a73341724...

https://git.kernel.org/stable/c/10a805334a11acd547602d6c4...

https://git.kernel.org/stable/c/c69aef9db878ab277068a8cc1...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 16, 2024
Vulnerability Reserved
Jul 16, 2024

JSON

Linux

What is CVE-2022-48834?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.