GHSA-c4hf-x9gr-w5f8

Опубликовано: 30 июл. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.6

Описание

In the Linux kernel, the following vulnerability has been resolved:

usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB

Some transfer events don't always point to a TRB, and consequently don't have a endpoint ring. In these cases, function handle_tx_event() should not proceed, because if 'ep->skip' is set, the pointer to the endpoint ring is used.

To prevent a potential failure and make the code logical, return after checking the completion code for a Transfer event without TRBs.

In the Linux kernel, the following vulnerability has been resolved:

usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB

To prevent a potential failure and make the code logical, return after checking the completion code for a Transfer event without TRBs.

Ссылки

4.6 Medium

CVSS3

CVE ID

CVE-2024-42226

Дефекты

CWE-476

Связанные уязвимости

CVE-2024-42226

CVSS3: 5.5

redhat

11 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB Some transfer events don't always point to a TRB, and consequently don't have a endpoint ring. In these cases, function handle_tx_event() should not proceed, because if 'ep->skip' is set, the pointer to the endpoint ring is used. To prevent a potential failure and make the code logical, return after checking the completion code for a Transfer event without TRBs.