Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's usbnet component, specifically within the ipheth driver, has been addressed. The issue involved a potential overflow in the Data Packet Exchange (DPE) length check. The original implementation could allow an overflow if the sum of the Datagram Index and Datagram Length exceeded the maximum value for a 16-bit unsigned integer. This flaw had the potential to lead to an Out-of-Bounds Read. The vulnerability has been resolved by adjusting the inequality to prevent the overflow, while an existing condition ensures that the Datagram Index remains within the bounds of the actual length of the USB request block.
Exploitation of this vulnerability could have led to an Out-of-Bounds Read, potentially allowing for memory corruption or information disclosure.
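The bounds check described above, shown in its wrapping form beside the rearranged form, as an added example that is not the ipheth driver's code. The function names, the 16-bit truncation of the sum and the sample values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Weak form: index + length is reduced to 16 bits before the comparison
 * (assumption for this example), so a large pair wraps to a small sum. */
static bool dpe_ok_wrapping(uint16_t index, uint16_t length,
                            uint32_t actual_length)
{
    uint16_t end = (uint16_t)(index + length); /* wraps modulo 65536 */
    return index <= actual_length && end <= actual_length;
}

/* Rearranged form: the index bound is tested first, so the subtraction
 * cannot go below zero, and no addition is left to overflow. */
static bool dpe_ok_rearranged(uint16_t index, uint16_t length,
                              uint32_t actual_length)
{
    if (index > actual_length)
        return false;
    return length <= actual_length - index;
}

int main(void)
{
    /* Constructed values: a 16384-byte transfer and three index/length pairs. */
    const uint32_t actual_length = 16384;
    const struct { uint16_t index, length; } cases[] = {
        { 64, 1500 },     /* in bounds */
        { 16000, 1500 },  /* runs past the end, no wrap */
        { 1024, 0xFC10 }, /* 1024 + 64528 = 65552, wraps to 16 */
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("index=%u length=%u wrapping=%s rearranged=%s\n",
               (unsigned)cases[i].index, (unsigned)cases[i].length,
               dpe_ok_wrapping(cases[i].index, cases[i].length,
                               actual_length) ? "accept" : "reject",
               dpe_ok_rearranged(cases[i].index, cases[i].length,
                                 actual_length) ? "accept" : "reject");
    return 0;
}
```

The third pair is the case that matters: the wrapping check accepts a datagram whose end lies far beyond the buffer, while the rearranged check rejects it.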