Buffer Overflow in USB DFU requested length

Description

USB DFU has a potential buffer overflow: the requested length (wLength) is not checked against the buffer size. A malicious USB host could use this to exploit the buffer overflow.

See NCC-ZEP-002
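
A minimal model of the missing check described above, next to the bounds check that closes it. This is an added illustration, not the affected project's code or its actual fix. All names, the 64-byte buffer size, the fill pattern and the reject-on-oversize policy are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not project code: every name and size is hypothetical. */
#define XFER_BUF_SIZE 64u                /* fixed DFU transfer buffer */
struct setup_pkt { uint16_t wLength; };  /* host-controlled, 0..65535 */

struct dfu_dev {
    /* mem[0..XFER_BUF_SIZE) is the transfer buffer. The tail stands in for
     * adjacent RAM and is sized so any 16-bit wLength stays inside the
     * array, which keeps the flawed path well-defined C in this demo. */
    uint8_t mem[XFER_BUF_SIZE + UINT16_MAX];
};

void dfu_reset(struct dfu_dev *dev) { memset(dev->mem, 0, sizeof dev->mem); }

/* Number of bytes modified beyond the end of the transfer buffer. */
size_t dfu_clobbered(const struct dfu_dev *dev) {
    size_t n = 0;
    for (size_t i = XFER_BUF_SIZE; i < sizeof dev->mem; i++)
        n += (dev->mem[i] != 0);
    return n;
}

/* Flawed: uses wLength as the transfer size without a bound. */
int dfu_xfer_unchecked(struct dfu_dev *dev, const struct setup_pkt *s) {
    memset(dev->mem, 0xA5, s->wLength);
    return (int)s->wLength;
}

/* Hardened: compare wLength with the buffer size before touching memory. */
int dfu_xfer_checked(struct dfu_dev *dev, const struct setup_pkt *s) {
    if (s->wLength > XFER_BUF_SIZE)
        return -1;  /* assumed policy: caller stalls the control endpoint */
    memset(dev->mem, 0xA5, s->wLength);
    return (int)s->wLength;
}

int main(void) {
    static struct dfu_dev dev;                   /* zero-initialised */
    struct setup_pkt big = { .wLength = 4096 };  /* constructed request */
    dfu_xfer_unchecked(&dev, &big);
    printf("unchecked: %zu bytes past buffer\n", dfu_clobbered(&dev));
    dfu_reset(&dev);
    int rc = dfu_xfer_checked(&dev, &big);
    printf("checked: rc=%d, %zu bytes past buffer\n", rc, dfu_clobbered(&dev));
    return 0;
}
```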

Environment

None

Assignee

David Brown

Reporter

David Brown

Labels

None

Authorized viewers

Jeremy Boone

CVE

CVE-2020-10019

Embargo Lift

2020/05/01

Components

Fix versions

Affects versions

Priority

High