The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-17T19:48:52
Updated: 2019-11-06T00:07:12
Reserved: 2018-12-09T00:00:00
Link: CVE-2018-19985
JSON object: View
NVD Information
Status : Modified
Published: 2019-03-21T16:00:33.373
Modified: 2019-09-03T00:15:13.080
Link: CVE-2018-19985
JSON object: View
Redhat Information
No data.
CWE