CVE-2022-25258: Null Pointer Dereference

First published: Wed Feb 16 2022(Updated: )

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Linux Linux kernel	<5.16.10
Fedoraproject Fedora	=35
Debian Debian Linux	=9.0
Debian Debian Linux	=10.0
Debian Debian Linux	=11.0
Netapp Active Iq Unified Manager Vmware Vsphere
All of
Netapp H300s Firmware
Netapp H300s
All of
Netapp H500s Firmware
Netapp H500s
All of
Netapp H700s Firmware
Netapp H700s
All of
Netapp H410s Firmware
Netapp H410s
All of
Netapp H410c Firmware
Netapp H410c
Netapp H300s Firmware
Netapp H300s
Netapp H500s Firmware
Netapp H500s
Netapp H700s Firmware
Netapp H700s
Netapp H410s Firmware
Netapp H410s
Netapp H410c Firmware
Netapp H410c
Google Android
ubuntu/linux	<4.15.0-177.186	4.15.0-177.186
ubuntu/linux	<5.4.0-110.124	5.4.0-110.124
ubuntu/linux	<5.13.0-41.46	5.13.0-41.46
ubuntu/linux	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux	<4.4.0-230.264	4.4.0-230.264
ubuntu/linux-aws	<4.15.0-1128.137	4.15.0-1128.137
ubuntu/linux-aws	<5.4.0-1073.78	5.4.0-1073.78
ubuntu/linux-aws	<5.13.0-1023.25	5.13.0-1023.25
ubuntu/linux-aws	<4.4.0-1110.116	4.4.0-1110.116
ubuntu/linux-aws	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws	<4.4.0-1146.161	4.4.0-1146.161
ubuntu/linux-aws-5.0	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-5.11	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-5.13	<5.13.0-1023.25~20.04.1	5.13.0-1023.25~20.04.1
ubuntu/linux-aws-5.13	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-5.3	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-5.4	<5.4.0-1075.80~18.04.1	5.4.0-1075.80~18.04.1
ubuntu/linux-aws-5.4	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-5.8	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-fips	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-hwe	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-aws-hwe	<4.15.0-1128.137~16.04.1	4.15.0-1128.137~16.04.1
ubuntu/linux-azure	<5.4.0-1078.81	5.4.0-1078.81
ubuntu/linux-azure	<5.13.0-1023.27	5.13.0-1023.27
ubuntu/linux-azure	<4.15.0-1138.151~14.04.1	4.15.0-1138.151~14.04.1
ubuntu/linux-azure	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure	<4.15.0-1138.151~16.04.1	4.15.0-1138.151~16.04.1
ubuntu/linux-azure-4.15	<4.15.0-1138.151	4.15.0-1138.151
ubuntu/linux-azure-4.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-5.11	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-5.13	<5.13.0-1023.27~20.04.1	5.13.0-1023.27~20.04.1
ubuntu/linux-azure-5.13	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-5.3	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-5.4	<5.4.0-1078.81~18.04.1	5.4.0-1078.81~18.04.1
ubuntu/linux-azure-5.4	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-edge	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-fde	<5.4.0-1078.81	5.4.0-1078.81
ubuntu/linux-azure-fde	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-fde-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-azure-fips	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-bluefield	<5.4.0-1040.44	5.4.0-1040.44
ubuntu/linux-bluefield	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-dell300x	<4.15.0-1042.47	4.15.0-1042.47
ubuntu/linux-dell300x	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-fips	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp	<5.4.0-1073.78	5.4.0-1073.78
ubuntu/linux-gcp	<5.13.0-1025.30	5.13.0-1025.30
ubuntu/linux-gcp	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp	<4.15.0-1122.136~16.04.1	4.15.0-1122.136~16.04.1
ubuntu/linux-gcp-4.15	<4.15.0-1122.136	4.15.0-1122.136
ubuntu/linux-gcp-4.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp-5.11	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp-5.13	<5.13.0-1025.30~20.04.1	5.13.0-1025.30~20.04.1
ubuntu/linux-gcp-5.13	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp-5.3	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp-5.4	<5.4.0-1073.78~18.04.1	5.4.0-1073.78~18.04.1
ubuntu/linux-gcp-5.8	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gcp-fips	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gke	<5.4.0-1071.76	5.4.0-1071.76
ubuntu/linux-gke	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gke-4.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gke-5.0	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gke-5.3	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gke-5.4	<5.4.0-1071.76~18.04.3	5.4.0-1071.76~18.04.3
ubuntu/linux-gke-5.4	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gkeop	<5.4.0-1040.41	5.4.0-1040.41
ubuntu/linux-gkeop	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gkeop-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-gkeop-5.4	<5.4.0-1040.41~18.04.1	5.4.0-1040.41~18.04.1
ubuntu/linux-gkeop-5.4	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-hwe	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-hwe	<4.15.0-177.186~16.04.1	4.15.0-177.186~16.04.1
ubuntu/linux-hwe-5.11	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-hwe-5.13	<5.13.0-41.46~20.04.1	5.13.0-41.46~20.04.1
ubuntu/linux-hwe-5.13	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-hwe-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-hwe-5.4	<5.4.0-110.124~18.04.1	5.4.0-110.124~18.04.1
ubuntu/linux-hwe-5.4	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-hwe-5.8	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-hwe-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-hwe-edge	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-ibm	<5.4.0-1021.23	5.4.0-1021.23
ubuntu/linux-ibm	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-ibm-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-ibm-5.4	<5.4.0-1021.23~18.04.1	5.4.0-1021.23~18.04.1
ubuntu/linux-ibm-5.4	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-intel	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-intel-5.13	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-intel-iotg	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-intel-iotg-5.15	<5.15.0-1008.11~20.04.1	5.15.0-1008.11~20.04.1
ubuntu/linux-intel-iotg-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-iot	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-kvm	<4.15.0-1114.117	4.15.0-1114.117
ubuntu/linux-kvm	<5.4.0-1063.66	5.4.0-1063.66
ubuntu/linux-kvm	<5.13.0-1022.23	5.13.0-1022.23
ubuntu/linux-kvm	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-kvm	<4.4.0-1111.121	4.4.0-1111.121
ubuntu/linux-laptop	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-lowlatency	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-lowlatency-hwe-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-lowlatency-hwe-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-lts-xenial	<4.4.0-230.264~14.04.1	4.4.0-230.264~14.04.1
ubuntu/linux-lts-xenial	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-nvidia	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-nvidia-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oem	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oem-5.10	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oem-5.13	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oem-5.14	<5.14.0-1027.30	5.14.0-1027.30
ubuntu/linux-oem-5.17	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oem-5.6	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oem-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oem-6.8	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oem-osp1	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oracle	<4.15.0-1093.102	4.15.0-1093.102
ubuntu/linux-oracle	<5.4.0-1071.77	5.4.0-1071.77
ubuntu/linux-oracle	<5.13.0-1028.33	5.13.0-1028.33
ubuntu/linux-oracle	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oracle	<4.15.0-1093.102~16.04.1	4.15.0-1093.102~16.04.1
ubuntu/linux-oracle-5.0	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oracle-5.11	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oracle-5.13	<5.13.0-1028.33~20.04.1	5.13.0-1028.33~20.04.1
ubuntu/linux-oracle-5.13	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oracle-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oracle-5.3	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-oracle-5.4	<5.4.0-1071.77~18.04.1	5.4.0-1071.77~18.04.1
ubuntu/linux-oracle-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-raspi	<5.4.0-1060.68	5.4.0-1060.68
ubuntu/linux-raspi	<5.13.0-1026.28	5.13.0-1026.28
ubuntu/linux-raspi	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-raspi-5.4	<5.4.0-1060.68~18.04.1	5.4.0-1060.68~18.04.1
ubuntu/linux-raspi-5.4	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-raspi2	<4.15.0-1109.116	4.15.0-1109.116
ubuntu/linux-raspi2	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-raspi2-5.3	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-riscv	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-riscv-5.11	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-riscv-5.15	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-riscv-5.8	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-riscv-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-snapdragon	<4.15.0-1127.136	4.15.0-1127.136
ubuntu/linux-snapdragon	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-starfive	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-starfive-6.5	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
ubuntu/linux-xilinx-zynqmp	<5.17~<5.4.180<5.15.24	5.17~ 5.4.180 5.15.24
debian/linux		5.10.218-1 5.10.221-1 6.1.94-1 6.1.99-1 6.9.10-1 6.9.12-1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/author
agent/remedy
agent/weakness
agent/severity
agent/description
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
collector/android-source
source/Android
agent/last-modified-date
agent/references
collector/usn-cve
source/Ubuntu
agent/event
agent/tags
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/mitre-cve
source/MITRE
vendor/linux
canonical/linux linux kernel
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/35
vendor/debian
canonical/debian debian linux
version/debian debian linux/9.0
version/debian debian linux/10.0
version/debian debian linux/11.0
vendor/netapp
canonical/netapp active iq unified manager vmware vsphere
canonical/netapp h300s firmware
canonical/netapp h300s
canonical/netapp h500s firmware
canonical/netapp h500s
canonical/netapp h700s firmware
canonical/netapp h700s
canonical/netapp h410s firmware
canonical/netapp h410s
canonical/netapp h410c firmware
canonical/netapp h410c
vendor/google
canonical/google android
package-manager/ubuntu
package-manager/debian

CVE-2022-25258: Null Pointer Dereference

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact