MEDIUM
libusb
CVE published 2026-05-27
CVE-2026-23679
libusb versions prior to 1.0.30 contain a NULL pointer dereference vulnerability in the `parse_interface()` function. The flaw occurs when a malformed USB configuration descriptor claims `bNumEndpoints > 0` but is followed by a class-specific descriptor whose `bLength` exceeds the remaining buffer size. This causes an early return from `parse_interface()` without allocating the endpoint array, leaving a N [truncated]
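The pattern described above, as an added example that is not libusb source code: a simplified interface parser whose early return can leave a non-zero `bNumEndpoints` with no endpoint array, next to a variant that clears the count on that path. The names `parse_iface`, `iface_is_consistent`, the `hardened` switch and the structs are hypothetical, the descriptor bytes are constructed, and clearing the count is one possible mitigation, not necessarily the change made in 1.0.30.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#define DT_INTERFACE 0x04
#define DT_ENDPOINT  0x05
struct ep    { uint8_t bEndpointAddress; };
struct iface { uint8_t bNumEndpoints; struct ep *endpoint; };

/* Constructed sample: interface claiming 1 endpoint, followed by a class-specific
 * descriptor (type 0x24) whose bLength (0x20) exceeds the 3 bytes remaining. */
static const uint8_t malformed[] = {9, DT_INTERFACE, 0, 0, 1, 0xff, 0, 0, 0, 0x20, 0x24, 0};

/* Invariant consumers rely on: a non-zero count implies an allocated array. */
int iface_is_consistent(const struct iface *i)
{
    return i->bNumEndpoints == 0 || i->endpoint != NULL;
}

/* Simplified model, not libusb source. hardened == 0 keeps the claimed count on
 * the early return; hardened == 1 clears it. Returns 0, or -1 on a bad buffer. */
int parse_iface(struct iface *out, const uint8_t *buf, size_t len, int hardened)
{
    out->bNumEndpoints = 0;
    out->endpoint = NULL;
    if (len < 9 || buf[0] != 9 || buf[1] != DT_INTERFACE)
        return -1;
    out->bNumEndpoints = buf[4];             /* count claimed by the device */
    buf += 9;
    len -= 9;
    while (len >= 2 && buf[1] != DT_ENDPOINT) {   /* skip class-specific descriptors */
        if (buf[0] < 2 || buf[0] > len) {    /* bLength invalid or past the buffer */
            if (hardened)
                out->bNumEndpoints = 0;      /* keep count and array in sync */
            return 0;                        /* early return, nothing allocated */
        }
        len -= buf[0];
        buf += buf[0];
    }
    size_t n = out->bNumEndpoints;
    if (n == 0)
        return 0;
    out->endpoint = len >= n * 7 ? calloc(n, sizeof *out->endpoint) : NULL;
    if (!out->endpoint) {
        out->bNumEndpoints = 0;
        return -1;
    }
    for (size_t k = 0; k < n; k++)           /* assumes packed 7-byte endpoint descriptors */
        out->endpoint[k].bEndpointAddress = buf[k * 7 + 2];
    return 0;
}
```

Code that walks parsed descriptors can apply the `iface_is_consistent` check before indexing the endpoint array, which guards callers that may still be linked against an unpatched parser.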