{"id":"CVE-2023-52781","summary":"usb: config: fix iteration issue in 'usb_get_bos_descriptor()'","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in 'usb_get_bos_descriptor()'\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction 'usb_get_bos_descriptor()' encounters an iteration issue when\nskipping the 'USB_DT_DEVICE_CAPABILITY' descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a 'goto' statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly.","modified":"2026-04-02T09:43:20.074422Z","published":"2024-05-21T15:31:00.242Z","related":["ALSA-2024:4352","SUSE-SU-2024:1979-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2008-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52781.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/64c27b7b2357ddb38b6afebaf46d5bff4d250702"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7c0244cc311a4038505b73682b7c8ceaa5c7a8c8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/974bba5c118f4c2baf00de0356e3e4f7928b4cbc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9ef94ec8e52eaf7b9abc5b5f8f5b911751112223"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f89fef7710b2ba0f7a1e46594e530dcf2f77be91"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52781.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52781"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3dd550a2d36596a1b0ee7955da3b611c031d3873"},{"fixed":"9ef94ec8e52eaf7b9abc5b5f8f5b911751112223"},{"fixed":"64c27b7b2357ddb38b6afebaf46d5bff4d250702"},{"fixed":"f89fef7710b2ba0f7a1e46594e530dcf2f77be91"},{"fixed":"7c0244cc311a4038505b73682b7c8ceaa5c7a8c8"},{"fixed":"974bba5c118f4c2baf00de0356e3e4f7928b4cbc"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"77ce180d68beffd1af620d0121590e16683fc6b8"},{"last_affected":"20a07e1aadcd6990893c532d1b2b507bfa065152"},{"last_affected":"a5c051b6503c0ba543e993cfc295b64f096e0a29"},{"last_affected":"ea4a173d8358b756a780786baa3fc39d282bdbe3"},{"last_affected":"77d4e2a058858b4a94fc469bc1bfc94a0958e252"},{"last_affected":"1fc15d29540a69cfb55c8b8f8c38f1af33178243"},{"last_affected":"9f8dd40c68c176f2c3f1fc8b87bc81756856938f"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52781.json"}}],"schema_version":"1.7.5"}