CNNVD-202512-4144 Information
CNNVD ID
CNNVD-202512-4144
Related CVE
- CNNVD Published: 2025-12-23
Description (Chinese)
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于gs_usb_receive_bulk_callback中未检查头部长度,可能导致越界读取。
Description (English)
Linux Kernel is the kernel used by Linux, the Open Source Operator System of the Linux Foundation of the United States. Linux Kernel had a security loophole, which originated in gs usb received bulk callback without a header check, which could lead to cross-border reading.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Linux
Published
2025-12-23
Last Modified
2026-02-24
References
https://git.kernel.org/stable/c/18cbce43363c9f84b90a92d57df341155eee0697 https://git.kernel.org/stable/c/3433680b759646efcacc64fe36aa2e51ae34b8f0 https://git.kernel.org/stable/c/6fe9f3279f7d2518439a7962c5870c6e9ecbadcf https://git.kernel.org/stable/c/f31693dc3a584c0ad3937e857b59dbc1a7ed2b87 https://git.kernel.org/stable/c/616eee3e895b8ca0028163fcb1dce5e3e9dea322 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68343