CVE-2024-45027

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-45027
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check for xhci->interrupters being allocated in xhci_mem_clearup() If xhci_mem_init() fails, it calls into xhci_mem_cleanup() to mop up the damage. If it fails early enough, before xhci->interrupters is allocated but after xhci->max_interrupters has been set, which happens in most (all?) cases, things get uglier, as xhci_mem_cleanup() unconditionally derefences xhci->interrupters. With prejudice. Gate the interrupt freeing loop with a check on xhci->interrupters being non-NULL. Found while debugging a DMA allocation issue that led the XHCI driver on this exact path.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/770cacc75b0091ece17349195d72133912c1ca7c Patch
https://git.kernel.org/stable/c/dcdb52d948f3a17ccd3fce757d9bd981d7c32039 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
History

13 Sep 2024, 16:29

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CWE CWE-459
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/770cacc75b0091ece17349195d72133912c1ca7c - () https://git.kernel.org/stable/c/770cacc75b0091ece17349195d72133912c1ca7c - Patch
References () https://git.kernel.org/stable/c/dcdb52d948f3a17ccd3fce757d9bd981d7c32039 - () https://git.kernel.org/stable/c/dcdb52d948f3a17ccd3fce757d9bd981d7c32039 - Patch
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: xhci: Comprueba que xhci->interrupters se asignen en xhci_mem_clearup() Si xhci_mem_init() falla, llama a xhci_mem_cleanup() para limpiar el daño. Si falla lo suficientemente pronto, antes de que se asigne xhci->interrupters pero después de que se haya establecido xhci->max_interrupters, lo que sucede en la mayoría (¿todos?) de los casos, las cosas se ponen peor, ya que xhci_mem_cleanup() desreferencia incondicionalmente a xhci->interrupters. Con prejuicio. Bloquea el bucle de liberación de interrupciones con una comprobación de que xhci->interrupters no sea NULL. Se encontró mientras se depuraba un problema de asignación de DMA que llevó al controlador XHCI por este camino exacto.
First Time Linux linux Kernel
Linux

11 Sep 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-09-11 16:15

Updated : 2024-09-13 16:29

NVD link : CVE-2024-45027

Mitre link : CVE-2024-45027

CVE.ORG link : CVE-2024-45027

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-459

Incomplete Cleanup


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024