Linux Kernel HID Thrustmaster Driver Stack-Out-of-Bounds Read Vulnerability

Vulnerability

A stack-out-of-bounds read vulnerability has been identified in the Linux kernel's HID Thrustmaster driver. This issue arises in the usb_check_int_endpoints function within the usb.c core driver, where the ep_addr array is processed. The vulnerability occurs because the array is not properly terminated, leading to an attempt to access a non-existent element, which can crash the kernel. The vulnerability has been addressed by adding a null element at the end of the array to prevent the out-of-bounds read.

Impact

Exploitation of this vulnerability leads to a stack-out-of-bounds read, causing a kernel crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.1

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.1

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel HID Thrustmaster Driver Stack-Out-of-Bounds Read Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating