7.8
CVE-2024-40903
- EPSS 0.28%
- Veröffentlicht 12.07.2024 13:15:13
- Zuletzt bearbeitet 03.11.2025 22:17:12
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps There could be a potential use-after-free case in tcpm_register_source_caps(). This could happen when: * new (say invalid) source caps are advertised * the existing source caps are unregistered * tcpm_register_source_caps() returns with an error as usb_power_delivery_register_capabilities() fails This causes port->partner_source_caps to hold on to the now freed source caps. Reset port->partner_source_caps value to NULL after unregistering existing source caps.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.1.61 < 6.1.95
Linux ≫ Linux Kernel Version >= 6.6.31 < 6.6.35
Linux ≫ Linux Kernel Version >= 6.9 < 6.9.6
Linux ≫ Linux Kernel Version6.10 Updaterc1
Linux ≫ Linux Kernel Version6.10 Updaterc2
Linux ≫ Linux Kernel Version6.10 Updaterc3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.198 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/04c05d50fa79a41582f7bde8a1fd4377ae4a39e5
https://git.kernel.org/stable/c/4053696594d7235f3638d49a00cf0f289e4b36a3
https://git.kernel.org/stable/c/6b67b652849faf108a09647c7fde9b179ef24e2b
https://git.kernel.org/stable/c/e7e921918d905544500ca7a95889f898121ba886
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html