5.5

CVE-2024-27001

EPSS 0.02%
Veröffentlicht 01.05.2024 06:15:18
Zuletzt bearbeitet 23.12.2025 00:44:57
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

comedi: vmk80xx: fix incomplete endpoint checking

While vmk80xx does have endpoint checking implemented, some things
can fall through the cracks. Depending on the hardware model,
URBs can have either bulk or interrupt type, and current version
of vmk80xx_find_usb_endpoints() function does not take that fully
into account. While this warning does not seem to be too harmful,
at the very least it will crash systems with 'panic_on_warn' set on
them.

Fix the issue found by Syzkaller [1] by somewhat simplifying the
endpoint checking process with usb_find_common_endpoints() and
ensuring that only expected endpoint types are present.

This patch has not been tested on real hardware.

[1] Syzkaller report:
usb 1-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 0 PID: 781 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503
...
Call Trace:
 <TASK>
 usb_start_wait_urb+0x113/0x520 drivers/usb/core/message.c:59
 vmk80xx_reset_device drivers/comedi/drivers/vmk80xx.c:227 [inline]
 vmk80xx_auto_attach+0xa1c/0x1a40 drivers/comedi/drivers/vmk80xx.c:818
 comedi_auto_config+0x238/0x380 drivers/comedi/drivers.c:1067
 usb_probe_interface+0x5cd/0xb00 drivers/usb/core/driver.c:399
...

Similar issue also found by Syzkaller:

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 16

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 3.9 < 4.19.313

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.275

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.216

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.157

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.88

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.29

Linux ≫ Linux Kernel Version >= 6.7 < 6.8.8

Linux ≫ Linux Kernel Version6.9 Updaterc1

Linux ≫ Linux Kernel Version6.9 Updaterc2

Linux ≫ Linux Kernel Version6.9 Updaterc3

Linux ≫ Linux Kernel Version6.9 Updaterc4

Debian ≫ Debian Linux Version10.0

Fedoraproject ≫ Fedora Version38

Fedoraproject ≫ Fedora Version39

Fedoraproject ≫ Fedora Version40

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.051

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Third Party Advisory

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Third Party Advisory

Mailing List

https://git.kernel.org/stable/c/3a63ae0348d990e137cca04eced5b08379969ea9

Patch

https://git.kernel.org/stable/c/59f33af9796160f851641d960bd93937f282c696

Patch

https://git.kernel.org/stable/c/6ec3514a7d35ad9cfab600187612c29f669069d2

Patch

https://git.kernel.org/stable/c/a3b8ae7e9297dd453f2977b011c5bc75eb20e71b

Patch

https://git.kernel.org/stable/c/ac882d6b21bffecb57bcc4486701239eef5aa67b

Patch

https://git.kernel.org/stable/c/b0b268eeb087e324ef3ea71f8e6cabd07630517f

Patch

https://git.kernel.org/stable/c/d1718530e3f640b7d5f0050e725216eab57a85d8

Patch

https://git.kernel.org/stable/c/f15370e315976198f338b41611f37ce82af6cf54

Patch

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/

Third Party Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2024-27001

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27001

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27001

EUVD