CVE-2023-54277
Endpoint Validation Flaw in Linux udlfb Driver Causes USB Errors

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

fbdev: udlfb: Fix endpoint check

The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type:

usb 1-1: Read EDID byte 0 failed: -71
usb 1-1: Unable to get valid EDID from device/display
------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 3 != type 1
WARNING: CPU: 0 PID: 9 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504
Modules linked in:
CPU: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.4.0-rc1-syzkaller-00016-ga4422ff22142 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
Workqueue: usb_hub_wq hub_event
RIP: 0010:usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504
...
Call Trace:
 <TASK>
 dlfb_submit_urb+0x92/0x180 drivers/video/fbdev/udlfb.c:1980
 dlfb_set_video_mode+0x21f0/0x2950 drivers/video/fbdev/udlfb.c:315
 dlfb_ops_set_par+0x2a7/0x8d0 drivers/video/fbdev/udlfb.c:1111
 dlfb_usb_probe+0x149a/0x2710 drivers/video/fbdev/udlfb.c:1743

The current approach for this issue failed to catch the problem because it only checks for the existence of a bulk-OUT endpoint; it doesn't check whether this endpoint is the one that the driver will actually use. We can fix the problem by instead checking that the endpoint used by the driver does exist and is bulk-OUT.
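The difference between the two checks the commit message describes is easiest to see on a descriptor table. The user-space C program below is an added illustration, not code from the kernel or from the fix itself: it contrasts the pre-fix rule ("some bulk-OUT endpoint exists") with the post-fix rule ("the endpoint the driver will submit to exists and is bulk-OUT") over constructed endpoint tables. It assumes the driver's bulk pipe is OUT endpoint 1 (udlfb builds its pipe with usb_sndbulkpipe(udev, 1)); struct ep_desc, the constants and the three device tables are stand-ins for struct usb_endpoint_descriptor and <linux/usb/ch9.h>, and the tables are constructed, not captured from hardware.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Descriptor field constants from the USB 2.0 spec; the names match the
 * kernel's <linux/usb/ch9.h> but are redefined so this runs in user space. */
#define USB_DIR_IN                 0x80
#define USB_ENDPOINT_NUMBER_MASK   0x0f
#define USB_ENDPOINT_XFERTYPE_MASK 0x03
#define USB_ENDPOINT_XFER_BULK     2
#define USB_ENDPOINT_XFER_INT      3

/* Assumption: udlfb submits its bulk URBs to OUT endpoint 1
 * (usb_sndbulkpipe(udev, 1)). */
#define UDLFB_BULK_OUT_EPNUM 1

/* Minimal stand-in for struct usb_endpoint_descriptor: only the two
 * fields the endpoint checks look at. */
struct ep_desc {
    uint8_t bEndpointAddress; /* bit 7: direction (1 = IN); bits 0-3: number */
    uint8_t bmAttributes;     /* bits 0-1: transfer type */
};

static int ep_is_bulk_out(const struct ep_desc *ep)
{
    return (ep->bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) == USB_ENDPOINT_XFER_BULK &&
           !(ep->bEndpointAddress & USB_DIR_IN);
}

/* Pre-fix logic: accept the interface as soon as ANY bulk-OUT endpoint
 * is present, whatever its number. */
int check_any_bulk_out(const struct ep_desc *eps, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (ep_is_bulk_out(&eps[i]))
            return 1;
    return 0;
}

/* Post-fix logic: the OUT endpoint the driver will actually submit to
 * must exist and must be bulk. Returns 0 if it is missing or has
 * another transfer type. */
int check_used_ep_is_bulk_out(const struct ep_desc *eps, size_t n, unsigned epnum)
{
    for (size_t i = 0; i < n; i++) {
        if ((eps[i].bEndpointAddress & USB_DIR_IN) ||
            (eps[i].bEndpointAddress & USB_ENDPOINT_NUMBER_MASK) != epnum)
            continue;
        return ep_is_bulk_out(&eps[i]);
    }
    return 0;
}

/* Constructed descriptor tables (not captured from real hardware). */

/* A well-behaved device: endpoint 1 OUT, bulk. */
const struct ep_desc genuine_eps[] = {
    { 0x01, USB_ENDPOINT_XFER_BULK },
};
const size_t genuine_n = sizeof(genuine_eps) / sizeof(genuine_eps[0]);

/* A crafted device of the kind a fuzzer emulates: a bulk-OUT endpoint
 * exists (number 2), but endpoint 1 OUT, the one the driver uses, is
 * interrupt. The old check accepts it; the new one rejects it. */
const struct ep_desc crafted_eps[] = {
    { 0x01, USB_ENDPOINT_XFER_INT },
    { 0x02, USB_ENDPOINT_XFER_BULK },
};
const size_t crafted_n = sizeof(crafted_eps) / sizeof(crafted_eps[0]);

/* Only a bulk-IN endpoint 1: wrong direction, rejected by both checks. */
const struct ep_desc bulk_in_only_eps[] = {
    { 0x01 | USB_DIR_IN, USB_ENDPOINT_XFER_BULK },
};
const size_t bulk_in_only_n = sizeof(bulk_in_only_eps) / sizeof(bulk_in_only_eps[0]);

static void report(const char *name, const struct ep_desc *eps, size_t n)
{
    printf("%-14s old check: %s   new check: %s\n", name,
           check_any_bulk_out(eps, n) ? "accept" : "reject",
           check_used_ep_is_bulk_out(eps, n, UDLFB_BULK_OUT_EPNUM) ? "accept" : "reject");
}

int main(void)
{
    report("genuine", genuine_eps, genuine_n);
    report("crafted", crafted_eps, crafted_n);
    report("bulk-in-only", bulk_in_only_eps, bulk_in_only_n);
    return 0;
}
```

The crafted table is the case the commit message describes: the interface does carry a bulk-OUT endpoint, so the old existence check is satisfied, yet the driver then submits a bulk URB to endpoint 1, whose descriptor says it is not bulk, which is exactly what usb_submit_urb() flags as "BOGUS urb xfer".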
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-12-30
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor   Product        Version / Range
linux    linux_kernel   *
linux    kernel         *
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is in the Linux kernel's udlfb driver (the DisplayLink USB framebuffer driver). Before the fix, the probe routine only verified that the USB interface exposes some bulk-OUT endpoint; it did not verify that the specific endpoint the driver submits its URBs to is bulk-OUT. A device whose descriptors place a bulk-OUT endpoint under a different number, with a non-bulk endpoint where the driver expects its bulk pipe, passes the old check. The driver then submits a bulk URB to an endpoint of the wrong type, and usb_submit_urb() rejects it with the "BOGUS urb xfer" WARNING shown in the description. The EDID read failures earlier in the log are separate messages from the same probe; the security-relevant line is the WARNING. The fix checks that the endpoint the driver actually uses exists and is bulk-OUT, so such a device is refused at probe time.


How can this vulnerability impact me?

Triggering it requires attaching a USB device with crafted descriptors (or a fuzzing harness emulating one, as syzbot does) to the host, so an attacker needs physical access to a USB port or an equivalent way to present a device, such as USB passthrough to a VM. The effect is a kernel WARNING from usb_submit_urb() while the device is being probed. On kernels booted with panic_on_warn=1, which fuzzing setups and some hardened builds use, a WARNING becomes a panic, i.e. a denial of service; on other kernels the device simply fails to initialise and the warning is recorded in the kernel log. Nothing in the description indicates memory corruption or privilege escalation.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The reliable check is version-based: confirm that the running kernel is at or above the version your distribution's advisory for CVE-2023-54277 names as fixed, or that the backported patch "fbdev: udlfb: Fix endpoint check" is present in your kernel's changelog. Log monitoring only tells you whether the condition has been hit, not whether the kernel is vulnerable, but it is useful for spotting attempts: search the kernel log for the signature lines 'usb 1-1: BOGUS urb xfer, pipe 3 != type 1' (the bus and device numbers vary), 'usb 1-1: Read EDID byte 0 failed: -71' and 'usb 1-1: Unable to get valid EDID from device/display', and for a WARNING at 'drivers/usb/core/urb.c' in 'usb_submit_urb' whose call trace passes through udlfb. Commands such as 'dmesg | grep -i udlfb', 'journalctl -k | grep -i udlfb' and 'dmesg | grep -i "BOGUS urb xfer"' filter the relevant lines. Note that the EDID messages alone are noisy (a flaky cable produces them too); the WARNING with a udlfb call trace is the distinctive indicator.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation is to update the Linux kernel to a build that carries the fix "fbdev: udlfb: Fix endpoint check", which makes the driver verify that the endpoint it will use exists and is bulk-OUT before submitting URBs to it. Until the update is applied: if no DisplayLink device is in use, prevent the udlfb module from loading (blacklist it in the modprobe configuration), and restrict which USB devices the host accepts, for example with a device authorization policy such as usbguard or the USB core's authorized_default sysfs attribute, so that untrusted devices are not probed at all. Monitoring the kernel log for the messages described above detects attempts but does not reduce exposure by itself.

