Severity: Unknown
Affected Package: kernel
Summary: USB network drivers out-of-bounds write via malicious device
A missing length validation common to the smsc(4), muge(4) and cdceem(4) USB network drivers meant that a malicious USB device could write beyond the end of an allocated network packet buffer, potentially achieving kernel or user-space code execution.
No specific recommendations provided.
Aliases: CVE-2020-7459
Published: August 05, 2020
Last Modified: August 05, 2020