UBUNTU-CVE-2022-27223

Advisory lineage Upstream: 1 Downstream: 5
Upstream
CVE-2022-27223
Published: 16 Mar 2022, 00:15
Last modified:03 Jun 2026, 13:35

Vulnerability Summary

Overall Risk (default)
medium
35/100
CVSS Score
8.8 HIGH
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

16 Mar 2022, 00:15
Published
Vulnerability first disclosed
03 Jun 2026, 13:35
Last Modified
Vulnerability information updated

Description

In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.

CVSS Metrics

  • v3.1HIGHScore: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

  • ubuntulinux

    < 4.4.0-224.257 | < 4.15.0-177.186 | < 5.4.0-110.124

  • ubuntulinux-aws

    < 4.4.0-1104.109 | < 4.4.0-1140.154 | < 4.15.0-1128.137 | < 5.4.0-1073.78

  • ubuntulinux-aws-5.0

    all

  • ubuntulinux-aws-5.11

    all

  • ubuntulinux-aws-5.13

    < 5.13.0-1023.25~20.04.1

  • ubuntulinux-aws-5.3

    all

  • ubuntulinux-aws-5.4

    < 5.4.0-1075.80~18.04.1

  • ubuntulinux-aws-5.8

    all

  • ubuntulinux-aws-fips

    < 4.15.0-2067.70 | all | < 5.4.0-1073.78+fips1

  • ubuntulinux-aws-hwe

    < 4.15.0-1128.137~16.04.1

  • ubuntulinux-azure

    < 4.15.0-1138.151~14.04.1 | < 4.15.0-1138.151~16.04.1 | all | < 5.4.0-1078.81

  • ubuntulinux-azure-4.15

    < 4.15.0-1138.151

  • ubuntulinux-azure-5.11

    all

  • ubuntulinux-azure-5.13

    < 5.13.0-1023.27~20.04.1

  • ubuntulinux-azure-5.3

    all

  • ubuntulinux-azure-5.4

    < 5.4.0-1078.81~18.04.1

  • ubuntulinux-azure-5.8

    all

  • ubuntulinux-azure-edge

    all

  • ubuntulinux-azure-fips

    < 4.15.0-2049.53 | all | < 5.4.0-1078.81+fips1

  • ubuntulinux-bluefield

    < 5.4.0-1040.44 | all

  • ubuntulinux-dell300x

    < 4.15.0-1042.47

  • ubuntulinux-fips

    < 4.4.0-1074.80 | all | < 4.15.0-1085.94 | < 5.4.0-1049.55

  • ubuntulinux-gcp

    < 4.15.0-1122.136~16.04.1 | all | < 5.4.0-1073.78

  • ubuntulinux-gcp-4.15

    < 4.15.0-1122.136

  • ubuntulinux-gcp-5.11

    all

  • ubuntulinux-gcp-5.13

    < 5.13.0-1025.30~20.04.1

  • ubuntulinux-gcp-5.3

    all

  • ubuntulinux-gcp-5.4

    < 5.4.0-1073.78~18.04.1

  • ubuntulinux-gcp-5.8

    all

  • ubuntulinux-gcp-fips

    < 4.15.0-2032.35 | all | < 5.4.0-1073.78+fips1

  • ubuntulinux-gke

    < 5.4.0-1071.76

  • ubuntulinux-gke-4.15

    all

  • ubuntulinux-gke-5.4

    < 5.4.0-1071.76~18.04.3

  • ubuntulinux-gkeop

    < 5.4.0-1040.41

  • ubuntulinux-gkeop-5.4

    < 5.4.0-1040.41~18.04.1

  • ubuntulinux-hwe

    < 4.15.0-177.186~16.04.1 | all

  • ubuntulinux-hwe-5.11

    all

  • ubuntulinux-hwe-5.13

    < 5.13.0-41.46~20.04.1

  • ubuntulinux-hwe-5.4

    < 5.4.0-110.124~18.04.1

  • ubuntulinux-hwe-5.8

    all

  • ubuntulinux-hwe-edge

    all | all

  • ubuntulinux-ibm

    < 5.4.0-1021.23

  • ubuntulinux-ibm-5.4

    < 5.4.0-1021.23~18.04.1

  • ubuntulinux-intel-5.13

    all

  • ubuntulinux-intel-iot-realtime

    all

  • ubuntulinux-intel-iotg-5.15

    < 5.15.0-1008.11~20.04.1

  • ubuntulinux-iot

    < 5.4.0-1004.6

  • ubuntulinux-kvm

    < 4.4.0-1105.114 | < 4.15.0-1114.117 | < 5.4.0-1063.66

  • ubuntulinux-lts-xenial

    < 4.4.0-224.257~14.04.1

  • ubuntulinux-nvidia

    all

Showing first 50 affected entries in server-rendered view.

References (10)