Linux Kernel usbnet Out-of-Bounds Read Vulnerability in ipheth Driver

Vulnerability

A vulnerability allowing an out-of-bounds read has been identified in the Linux kernel's usbnet component, specifically within the ipheth driver. The issue arises because the NDP16 header's starting position could be manipulated to extend beyond the intended bounds of the URB, based on the wNdpIndex value in NTH16. This flaw was not fully addressed by a recent commit, which only partially corrected the out-of-bounds read by enforcing a specific NDP16 format and checking URB length. The vulnerability persists because the limit on the number of DPEs has not been separately enforced.

Impact

Exploitation of this vulnerability leads to an out-of-bounds read, which can potentially be exploited to read memory locations outside the intended buffer, causing undefined behavior or information disclosure.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel usbnet Out-of-Bounds Read Vulnerability in ipheth Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating