/
GSD-2023-1002411.json
61 lines (61 loc) · 2.63 KB
/
GSD-2023-1002411.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
{
"GSD": {
"vendor_name": "Linux",
"product_name": "Kernel",
"product_version": "versions from v3.0 to before v4.19.273",
"vulnerability_type": "unspecified",
"affected_component": "unspecified",
"attack_vector": "unspecified",
"impact": "unspecified",
"credit": "",
"references": [
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=d40261236e8e278cb1936cb5e934262971692b10",
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=723ef7b66f37c0841f5a451ccbce47ee1641e081"
],
"extended_references": [
{
"type": "commit",
"value": "d40261236e8e278cb1936cb5e934262971692b10",
"note": "introduced"
},
{
"type": "commit",
"value": "723ef7b66f37c0841f5a451ccbce47ee1641e081",
"note": "fixed"
}
],
"reporter": "joshbressers",
"reporter_id": 1692786,
"notes": "",
"description": "net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path\n\nThis is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven.\nThis ID is fixed in Linux Kernel version v4.19.273 by commit 723ef7b66f37c0841f5a451ccbce47ee1641e081, it was introduced in version v3.0 by commit d40261236e8e278cb1936cb5e934262971692b10. For more details please see the references link."
},
"OSV": {
"id": "GSD-2023-1002411",
"modified": "2023-03-07T14:43:12.481491Z",
"published": "2023-03-07T14:43:12.481491Z",
"summary": "net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path",
"details": "net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path\n\nThis is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven.\nThis ID is fixed in Linux Kernel version v4.19.273 by commit 723ef7b66f37c0841f5a451ccbce47ee1641e081, it was introduced in version v3.0 by commit d40261236e8e278cb1936cb5e934262971692b10. For more details please see the references link.",
"affected": [
{
"package": {
"name": "Kernel",
"ecosystem": "Linux"
},
"ranges": [
{
"type": "GIT",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/",
"events": [
{
"introduced": "d40261236e8e278cb1936cb5e934262971692b10"
},
{
"limit": "723ef7b66f37c0841f5a451ccbce47ee1641e081"
}
]
}
]
}
]
}
}