Login Sign Up

CVE-2022-27223

8.8 HIGH
Denial of Service

📋 TL;DR

This vulnerability allows a malicious USB device host to manipulate endpoint indexes in the Linux kernel's Xilinx USB gadget driver, leading to out-of-bounds array access. It affects Linux systems using the udc-xilinx driver before kernel version 5.16.12. Attackers could potentially execute arbitrary code or cause denial of service.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Linux kernel versions before 5.16.12
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using the Xilinx USB gadget driver (udc-xilinx.c). Embedded systems and devices with Xilinx USB controllers are most at risk.

📦 What is this software?

Active Iq Unified Manager by Netapp

View all CVEs affecting Active Iq Unified Manager →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

H300e Firmware by Netapp

View all CVEs affecting H300e Firmware →

H300s Firmware by Netapp

View all CVEs affecting H300s Firmware →

H410s Firmware by Netapp

View all CVEs affecting H410s Firmware →

H500e Firmware by Netapp

View all CVEs affecting H500e Firmware →

H500s Firmware by Netapp

View all CVEs affecting H500s Firmware →

H700e Firmware by Netapp

View all CVEs affecting H700e Firmware →

H700s Firmware by Netapp

View all CVEs affecting H700s Firmware →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise if attacker controls USB host and kernel memory corruption is successfully exploited.

🟠

Likely Case

Kernel panic or system crash causing denial of service, potentially requiring physical access or reboot to recover.

🟢

If Mitigated

Limited impact if USB gadget functionality is disabled or proper USB device validation is in place.

🌐 Internet-Facing: LOW - Requires physical USB access or compromised USB host device, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Internal attackers with physical USB access or control of USB host devices could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires control of USB host device and knowledge of kernel memory layout. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel 5.16.12 and later

Vendor Advisory: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.12

Restart Required: Yes

Instructions:

1. Update Linux kernel to version 5.16.12 or later. 2. For distributions: Use package manager (apt/yum/dnf) to install latest kernel updates. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable Xilinx USB gadget driver

linux

Prevent loading of vulnerable driver module

echo 'blacklist udc-xilinx' >> /etc/modprobe.d/blacklist.conf
rmmod udc-xilinx

Restrict USB device access

all

Limit physical USB port access to trusted devices only

🧯 If You Can't Patch

  • Disable USB gadget functionality in system configuration
  • Implement strict USB device whitelisting and physical security controls

🔍 How to Verify

Check if Vulnerable:

Check kernel version: uname -r. If version is earlier than 5.16.12 and system uses Xilinx USB gadget driver, it's vulnerable.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is 5.16.12 or later: uname -r. Check that lsmod | grep udc-xilinx shows driver is either not loaded or updated version.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • USB gadget driver crash logs
  • System crash/reboot events

Network Indicators:

  • Unusual USB device connection patterns

SIEM Query:

source="kernel" AND ("panic" OR "oops" OR "udc-xilinx")

📊 Metadata

CVE ID: CVE-2022-27223
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-129
Published: March 16, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-27223, you might also want to check these:

CVE-2020-27483 9.9

This vulnerability in Garmin Forerunner 235 devices allows attackers to potentially execute arbitrar...

Same vulnerability type (CWE-129)
CVE-2020-27485 9.9

This vulnerability in Garmin Forerunner 235 devices allows malicious ConnectIQ store applications to...

Same vulnerability type (CWE-129)
CVE-2021-38563 9.8

This vulnerability in Foxit PDF software allows attackers to trigger memory corruption through malfo...

Same vulnerability type (CWE-129)