CVE-2022-39293
HIGHDescription
Azure RTOS USBX is a high-performance USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. The case is, in _ux_host_class_pima_read, there is data length from device response, returned in the very first packet, and read by L165 code, as header_length. Then in L178 code, there is a “if” branch, which check the expression of “(header_length - UX_HOST_CLASS_PIMA_DATA_HEADER_SIZE) > data_length” where if header_length is smaller than UX_HOST_CLASS_PIMA_DATA_HEADER_SIZE, calculation could overflow and then L182 code the calculation of data_length is also overflow, this way the later while loop start from L192 can move data_pointer to unexpected address and cause write buffer overflow. The fix has been included in USBX release 6.1.12. The following can be used as a workaround: Add check of `header_length`: 1. It must be greater than `UX_HOST_CLASS_PIMA_DATA_HEADER_SIZE`. 1. It should be greater or equal to the current returned data length (`transfer_request -> ux_transfer_request_actual_length`).
How to fix
Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
CVSS v3 Vector
Exploitability
Impact
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Exploit Intelligence
Moderate risk: more likely to be exploited than 46% of all known CVEs.
References
Related Vulnerabilities
Other CWE-191 vulnerabilities, ordered by exploit likelihood. View all
| CVE | Severity | CVSS | EPSS | Exploited | Fix |
|---|---|---|---|---|---|
| CVE-2014-0497 | Critical | 9.8 | 100% | KEV | Fix |
| CVE-2020-36221 | High | 7.5 | 84% | - | Fix |
| CVE-2020-36228 | High | 7.5 | 83% | - | Fix |
| CVE-2023-31102 | High | 7.8 | 71% | - | Fix |
| CVE-2024-38063 | Critical | 9.8 | 71% | - | Fix |
| CVE-2017-14496 | High | 7.5 | 66% | - | Fix |
Embed a live status badge for CVE-2022-39293
Markdown
[](https://tridentstack.com/cve/CVE-2022-39293)HTML
<a href="https://tridentstack.com/cve/CVE-2022-39293"><img src="https://tridentstack.com/cve/badge/CVE-2022-39293.svg" alt="CVE-2022-39293"></a>Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-10-27.