CVE-2023-37453 Information

Description

An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.

Reference

https://syzkaller.appspot.com/bug?extid=18996170f8096c6174d0 https://lore.kernel.org/all/000000000000c0ffe505fe86c9ca@google.com/T/ https://lore.kernel.org/all/000000000000e56434059580f86e@google.com/T/