Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's radio-shark2 driver allows for improper handling of USB endpoint types. The issue arises because the driver fails to verify whether the endpoints it utilizes are present and correctly configured. This flaw was identified by the syzbot fuzzer, which triggered a warning about a bogus USB transfer, indicating a mismatch between the pipe and transfer type. The vulnerability affects several versions of the Linux kernel.
Exploitation of this vulnerability can lead to warnings about bogus USB transfer types, which may indicate a deeper issue with USB endpoint handling in the affected driver.
The vulnerability can be reproduced by using the syzbot fuzzer, which will send requests that trigger the warning about bogus USB transfer types. This can be done by fuzzing the radio-shark2 driver with USB messages that create the mismatch between the pipe and transfer type, simulating an incorrect endpoint configuration.
The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the fix.
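The kind of check the description says the driver lacked, as an added user-space illustration (not the kernel patch or the driver's own code): before using an endpoint, confirm it is present in the device's descriptors and has the transfer type the driver will use. The function names, the endpoint addresses 0x83/0x05 and the descriptor bytes are assumptions constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define DT_ENDPOINT   0x05  /* bDescriptorType of an endpoint descriptor */
#define XFERTYPE_MASK 0x03  /* bmAttributes bits 1:0 hold the transfer type */
#define XFER_INT      0x03  /* interrupt */

/* Walk a raw descriptor blob; true only if endpoint `addr` exists with `type`. */
static bool ep_has_type(const uint8_t *buf, size_t len, uint8_t addr, uint8_t type)
{
    size_t off = 0;
    while (off + 2 <= len) {
        uint8_t dlen = buf[off], dtype = buf[off + 1];
        if (dlen < 2 || (size_t)dlen > len - off)
            return false;                 /* malformed or truncated: fail closed */
        if (dtype == DT_ENDPOINT && dlen >= 7 && buf[off + 2] == addr)
            return (buf[off + 3] & XFERTYPE_MASK) == type;
        off += dlen;
    }
    return false;                         /* endpoint not present */
}

/* Probe-time gate: every address in the zero-terminated list must be interrupt. */
bool check_int_endpoints(const uint8_t *buf, size_t len, const uint8_t *addrs)
{
    for (; *addrs; addrs++)
        if (!ep_has_type(buf, len, *addrs, XFER_INT))
            return false;
    return true;
}

/* Constructed sample data; endpoint addresses 0x83/0x05 are assumptions. */
static const uint8_t required_eps[] = { 0x83, 0x05, 0 };
#define IFACE 0x09, 0x04, 0x00, 0x00, 0x02, 0xff, 0x00, 0x00, 0x00
static const uint8_t good_desc[] = { IFACE,
    0x07, 0x05, 0x83, 0x03, 0x08, 0x00, 0x0a,   /* 0x83 IN, interrupt */
    0x07, 0x05, 0x05, 0x03, 0x08, 0x00, 0x0a }; /* 0x05 OUT, interrupt */
static const uint8_t bad_type_desc[] = { IFACE,
    0x07, 0x05, 0x83, 0x03, 0x08, 0x00, 0x0a,   /* 0x83 IN, interrupt */
    0x07, 0x05, 0x05, 0x02, 0x40, 0x00, 0x00 }; /* 0x05 OUT, bulk: mismatch */
static const uint8_t missing_desc[] = { IFACE,
    0x07, 0x05, 0x83, 0x03, 0x08, 0x00, 0x0a }; /* 0x05 absent */
int main(void)
{
    printf("good=%d\n", check_int_endpoints(good_desc, sizeof good_desc, required_eps));
    printf("bad_type=%d\n", check_int_endpoints(bad_type_desc, sizeof bad_type_desc, required_eps));
    printf("missing=%d\n", check_int_endpoints(missing_desc, sizeof missing_desc, required_eps));
    return 0;
}
```

A driver that applies such a gate in its probe routine refuses to bind to a device whose descriptors do not match, so the pipe and transfer type can no longer disagree at submit time.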