Out-of-bounds write in USB Mass Storage with unaligned sizes

Description

Out-of-bounds Write in the USB Mass Storage memoryWrite handler with unaligned Sizes

See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026

Environment

None

Activity

Show:
David Brown
March 3, 2020, 6:57 PM

CVE-2020-10021. Fix coming.

Flavio Ceolin
March 4, 2020, 7:19 PM

David Brown
March 4, 2020, 9:28 PM

I would argue that this should be “High”, as it can be exploited via an external connection.

Assignee

Flavio Ceolin

Reporter

David Brown

Labels

None

Authorized viewers

Jeremy Boone

CVE

CVE-2020-10021

Embargo Lift

2020/05/01

Fix versions

Affects versions

Priority

High
Configure