Linux Kernel USB Driver Vulnerability in Control Transfer Processing
CVE-2023-53761

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published: 8 December 2025

What is CVE-2023-53761?

The Linux kernel's USB TMC (Test and Measurement Class) driver fails to validate the control direction for zero-length ioctl operations. When an ioctl request is issued with a zero-length control transfer, the driver does not adequately check that the direction bit is set to OUT, which can lead to erroneous handling of USB requests. Malicious actors could exploit this oversight, resulting in unintended behavior or system instability. The issue has been patched so that the bRequestType field is correctly overridden, making USB control message handling more robust.
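The direction check and override described above, modelled in user-space C as an added example (this is not the kernel driver's code or the upstream patch). The struct, `normalize_ctrl_req` and `select_pipe` are hypothetical names, and the sample requests are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define USB_DIR_IN 0x80 /* bit 7 of bRequestType: device-to-host */

/* Setup-stage fields of a control request (field names follow the USB spec). */
struct ctrl_req {
    uint8_t  bRequestType;
    uint8_t  bRequest;
    uint16_t wValue;
    uint16_t wIndex;
    uint16_t wLength;
};

enum ctrl_pipe { PIPE_OUT = 0, PIPE_IN = 1 };

/*
 * Hypothetical helper: normalise a caller-supplied request before a pipe is
 * chosen. A zero-length control transfer must be OUT, so the direction bit
 * is overridden instead of being trusted.
 */
static void normalize_ctrl_req(struct ctrl_req *req)
{
    if (req->wLength == 0)
        req->bRequestType &= (uint8_t)~USB_DIR_IN;
}

/* Select the pipe from the normalised direction bit. */
static enum ctrl_pipe select_pipe(struct ctrl_req *req)
{
    normalize_ctrl_req(req);
    return (req->bRequestType & USB_DIR_IN) ? PIPE_IN : PIPE_OUT;
}

int main(void)
{
    /* Constructed sample requests, not captured traffic. */
    struct ctrl_req samples[] = {
        { 0xA1, 0x07, 0, 0, 0  },  /* IN bit set, zero length: overridden */
        { 0xA1, 0x07, 0, 0, 24 },  /* IN with a data stage: left as is */
        { 0x21, 0x01, 0, 0, 0  },  /* OUT, zero length: left as is */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        enum ctrl_pipe p = select_pipe(&samples[i]);
        printf("bRequestType=0x%02X wLength=%u -> %s\n",
               samples[i].bRequestType, samples[i].wLength,
               p == PIPE_IN ? "IN" : "OUT");
    }
    return 0;
}
```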

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7cef7681aa7719ff585dd06113a061ab2def7da0

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6340e432cf70bf156b19c6f5dd737d940eca02a3

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3b43d9df27a708f4079d518b879f517fea150a91
