Linux Kernel usbnet ipheth Out-of-Bounds Read Vulnerability

Vulnerability

A vulnerability in the Linux kernel's usbnet ipheth component has been addressed, which involved an out-of-bounds read related to Data Path Elements (DPEs). The fix limits the number of processed DPEs to match the capacity of the fixed-size NDP16 header.

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory access, potentially causing undefined behavior such as memory corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel usbnet ipheth Out-of-Bounds Read Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating