4.4

CVE-2024-26747

usb: roles: fix NULL pointer issue when put module's reference

In the Linux kernel, the following vulnerability has been resolved:

usb: roles: fix NULL pointer issue when put module's reference

In current design, usb role class driver will get usb_role_switch parent's
module reference after the user get usb_role_switch device and put the
reference after the user put the usb_role_switch device. However, the
parent device of usb_role_switch may be removed before the user put the
usb_role_switch. If so, then, NULL pointer issue will be met when the user
put the parent module's reference.

This will save the module pointer in structure of usb_role_switch. Then,
we don't need to find module by iterating long relations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.19 < 5.10.211
LinuxLinux Kernel Version >= 5.11 < 5.15.150
LinuxLinux Kernel Version >= 5.16 < 6.1.80
LinuxLinux Kernel Version >= 6.2 < 6.6.19
LinuxLinux Kernel Version >= 6.7 < 6.7.7
LinuxLinux Kernel Version6.8 Updaterc1
LinuxLinux Kernel Version6.8 Updaterc2
LinuxLinux Kernel Version6.8 Updaterc3
LinuxLinux Kernel Version6.8 Updaterc4
LinuxLinux Kernel Version6.8 Updaterc5
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.145
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.4 0.8 3.6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Mailing List
https://git.kernel.org/stable/c/0158216805ca7e498d07de38840d2732166ae5fa
Patch
https://git.kernel.org/stable/c/01f82de440f2ab07c259b7573371e1c42e5565db
Patch
https://git.kernel.org/stable/c/1c9be13846c0b2abc2480602f8ef421360e1ad9e
Patch
https://git.kernel.org/stable/c/4b45829440b1b208948b39cc71f77a37a2536734
Patch
https://git.kernel.org/stable/c/e279bf8e51893e1fe160b3d8126ef2dd00f661e1
Patch
https://git.kernel.org/stable/c/ef982fc41055fcebb361a92288d3225783d12913
Patch