CVE-2025-68622
Stack Buffer Overflow in Espressif ESP-IDF USB Host UVC Driver
Publication date: 2026-01-12
Last updated on: 2026-01-12
Assigner: GitHub, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| espressif | usb_host_uvc | < 2.4.0 (2.4.0 excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68622 is a stack buffer overflow vulnerability in the Espressif esp-usb USB Host UVC Class Driver that occurs during the printing of USB Video Class (UVC) configuration descriptors. When verbose descriptor printing is enabled, a malicious UVC device can present a specially crafted descriptor with an excessively large length field. This length is not validated before being copied into a fixed-size stack buffer, causing a buffer overflow and memory corruption. The vulnerability arises from unnecessary memcpy operations that copy descriptor data into local buffers, which was fixed by removing these copies and directly accessing the data structures. This flaw allows an attacker to potentially crash the system or execute arbitrary code by connecting a rogue UVC device. [1, 3]
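The length check described above, as an added example that is not code from the esp-usb driver: a helper that refuses to copy a descriptor whose device-supplied bLength exceeds the fixed stack buffer or runs past the end of the configuration data, driven over a constructed descriptor blob. The buffer size, function names and sample bytes are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Assumed scratch size standing in for the driver's local buffer (real size not on the page). */
#define SCRATCH_LEN 32

/* Every USB descriptor starts with bLength and bDescriptorType. */
typedef struct { uint8_t bLength; uint8_t bDescriptorType; } usb_desc_hdr_t;

/* Bounded copy of the descriptor at cfg[off]: 0 on success, -1 if the
 * device-controlled bLength is too short, larger than the scratch buffer,
 * or extends past the declared configuration length. */
int uvc_desc_copy_checked(const uint8_t *cfg, size_t cfg_len, size_t off,
                          uint8_t *scratch, size_t scratch_len)
{
    if (off + sizeof(usb_desc_hdr_t) > cfg_len) return -1;  /* header truncated */
    uint8_t blen = cfg[off];
    if (blen < sizeof(usb_desc_hdr_t)) return -1;            /* also prevents a zero-length loop */
    if (blen > scratch_len) return -1;                       /* would overflow the stack buffer */
    if (off + blen > cfg_len) return -1;                     /* runs past the end of cfg */
    memcpy(scratch, cfg + off, blen);
    return 0;
}

/* Walks a configuration blob with the checked copy; returns the number of
 * descriptors accepted, or -1 as soon as one fails the length checks. */
int uvc_walk_config(const uint8_t *cfg, size_t cfg_len)
{
    uint8_t scratch[SCRATCH_LEN];
    int count = 0;
    for (size_t off = 0; off + sizeof(usb_desc_hdr_t) <= cfg_len; off += cfg[off]) {
        if (uvc_desc_copy_checked(cfg, cfg_len, off, scratch, sizeof scratch) != 0) return -1;
        count++;
    }
    return count;
}

/* Constructed samples: a benign config + interface descriptor pair, and the same
 * blob where the second descriptor advertises bLength = 0xFF with only 9 bytes present. */
static const uint8_t sample_ok[]  = { 9,2,18,0,1,1,0,0x80,50,  9,   4,0,0,0,0x0E,0x01,0x00,0 };
static const uint8_t sample_bad[] = { 9,2,18,0,1,1,0,0x80,50,  0xFF,0x24,1,2,3,4,5,6,7 };

int main(void)
{
    printf("benign: %d descriptors\n", uvc_walk_config(sample_ok, sizeof sample_ok));
    printf("malicious: %d (rejected)\n", uvc_walk_config(sample_bad, sizeof sample_bad));
    return 0;
}
```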
How can this vulnerability impact me?
This vulnerability can impact you by allowing a malicious USB Video Class (UVC) device to cause a stack buffer overflow on the host system. This can lead to memory corruption, resulting in a system crash (denial of service) or potentially arbitrary code execution. An attacker who can connect a rogue UVC device to the affected system could exploit this vulnerability to disrupt normal operation or take control of the system. [3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by enabling verbose UVC configuration-descriptor printing on the Espressif USB Host UVC driver and monitoring for crashes or abnormal behavior when a USB Video Class device is connected. Since the vulnerability occurs during descriptor parsing, stack-buffer-overflow symptoms or memory corruption observed when a UVC device is connected may indicate exploitation. Specific commands are not provided in the resources; the recommended remediation is updating to version 2.4.0 or later, which includes the fixes and descriptor-length validation. [3, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the Espressif USB Host UVC driver to version 2.4.0 or later, where the vulnerability is fixed by removing unsafe memcpy operations and adding descriptor-length validation. This update eliminates the stack buffer overflow risk during UVC descriptor printing. Additionally, avoid enabling verbose UVC configuration-descriptor printing on vulnerable versions to reduce exposure. [1, 2, 3]