-
CVE-2024-38567
- EPSS 0.07%
- Published 19.06.2024 14:15:16
- Last modified 21.11.2024 09:26:22
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a specific 4th endpoint, since it can switch types between bulk and interrupt, other endpoints are trusted implicitly. Similar warning is triggered in a couple of other syzbot issues [2]. Fix the issue by doing a comprehensive check of all endpoints taking into account difference between high- and full-speed configuration. [1] Syzkaller report: ... WARNING: CPU: 0 PID: 4721 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504 ... Call Trace: <TASK> carl9170_usb_send_rx_irq_urb+0x273/0x340 drivers/net/wireless/ath/carl9170/usb.c:504 carl9170_usb_init_device drivers/net/wireless/ath/carl9170/usb.c:939 [inline] carl9170_usb_firmware_finish drivers/net/wireless/ath/carl9170/usb.c:999 [inline] carl9170_usb_firmware_step2+0x175/0x240 drivers/net/wireless/ath/carl9170/usb.c:1028 request_firmware_work_func+0x130/0x240 drivers/base/firmware_loader/main.c:1107 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 worker_thread+0x669/0x1090 kernel/workqueue.c:2436 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 </TASK> [2] Related syzkaller crashes:
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
eb0f2fc3ff5806cc572cd9055ce7c52a01e97645
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
Version <
ac3ed46a8741d464bc70ebdf7433c1d786cf329d
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
Version <
8650725bb0a48b206d5a8ddad3a7488f9a5985b7
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
Version <
6a9892bf24c906b4d6b587f8759ca38bff672582
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
Version <
265c3cda471c26e0f25d0c755da94e1eb15d7a0c
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
Version <
62eb07923f3693d55b0c2d9a5a4f1ad72cb6b8fd
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
Version <
03ddc74bdfd71b84a55c9f2185d8787f258422cd
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
Version <
0fa08a55201ab9be72bacb8ea93cf752d338184f
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
Version <
b6dd09b3dac89b45d1ea3e3bd035a3859c0369a0
Version
a84fab3cbfdc427e7d366f1cc844f27b2084c26c
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
2.6.37
Status
affected
Version <
2.6.37
Version
0
Status
unaffected
Version <=
4.19.*
Version
4.19.316
Status
unaffected
Version <=
5.4.*
Version
5.4.278
Status
unaffected
Version <=
5.10.*
Version
5.10.219
Status
unaffected
Version <=
5.15.*
Version
5.15.161
Status
unaffected
Version <=
6.1.*
Version
6.1.93
Status
unaffected
Version <=
6.6.*
Version
6.6.33
Status
unaffected
Version <=
6.8.*
Version
6.8.12
Status
unaffected
Version <=
6.9.*
Version
6.9.3
Status
unaffected
Version <=
*
Version
6.10
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.214 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|