In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: uvc: Prevent buffer overflow in setup handler
Setup function uvcfunctionsetup permits control transfer requests with up to 64 bytes of payload (UVCMAXREQUESTSIZE), data stage handler for OUT transfer uses memcpy to copy req->actual bytes to uvcevent->data.data array of size 60. This may result in an overflow of 4 bytes.
[
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-2079f829",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c79538f32df12887f110dcd6b9c825b482905f24",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-210a88cb",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c79538f32df12887f110dcd6b9c825b482905f24",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-2b12a93f",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c92670b16727365699fe4b19ed32013bab2c107",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-40596eaa",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c92670b16727365699fe4b19ed32013bab2c107",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-554dc568",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1a92bb8d697f170d93fe922da763d7d156b8841",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-58a52fc0",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b8fb1cba934ea122b50f13a4f9d6fc4fdc43d2be",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-6bba4ab8",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7b1f773277a72f9756d47a41b94e43506cce1954",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-8ee25450",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@06fd17ee92c8f1704c7e54ec0fd50ae0542a49a5",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-a509b161",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6b41a35b41f77821db24f2d8f66794b390a585c5",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-ab790d8f",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc8380fe5768c564f921f7b4eaba932e330b9e4b",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-b226d239",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc8380fe5768c564f921f7b4eaba932e330b9e4b",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-b9797408",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7b1f773277a72f9756d47a41b94e43506cce1954",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-c218d22f",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1a92bb8d697f170d93fe922da763d7d156b8841",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-c77a8131",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4972e3528b968665b596b5434764ff8fd9446d35",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-ca7ac655",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b8fb1cba934ea122b50f13a4f9d6fc4fdc43d2be",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-d207f809",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4972e3528b968665b596b5434764ff8fd9446d35",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "79491582573328800735268733867006461646",
"length": 431.0
},
"deprecated": false,
"id": "CVE-2022-48948-db99f275",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6b41a35b41f77821db24f2d8f66794b390a585c5",
"target": {
"function": "uvc_function_ep0_complete",
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132977851483725300621545293680964174689",
"29235123373988263708595123213808811003",
"225980013626001165837560425579896661833",
"165705216676039181185382704782215354493",
"186072793926542338838466816577280647046"
]
},
"deprecated": false,
"id": "CVE-2022-48948-fc716e7e",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@06fd17ee92c8f1704c7e54ec0fd50ae0542a49a5",
"target": {
"file": "drivers/usb/gadget/function/f_uvc.c"
},
"signature_version": "v1"
}
]