CVE-2024-26964 : In the Linux kernel, the following vulnerability has been resolved: usb: xhci:

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzalloc_node() fails, then the following sg_pcopy_to_buffer() can lead to crash since it tries to memcpy to NULL pointer. So return -ENOMEM if kzalloc returns null pointer.

Published 2024-05-01 06:15:13

Updated 2024-12-23 13:41:58

Source Linux

View at NVD, CVE.org

Products affected by CVE-2024-26964

Linux » Linux Kernel
Versions from including (>=) 6.8 and before (<) 6.8.3
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.15.154
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.7 and before (<) 6.7.12
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.2 and before (<) 6.6.24
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.16 and before (<) 6.1.84
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2024-26964

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 15 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-26964

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2024-12-23
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	N/A	N/A	RedHat-CVE-2024-26964	2024-05-01
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2024-26964

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2024-26964

https://git.kernel.org/stable/c/b2c898469dfc388f619c6c972a28466cbb1442ea

usb: xhci: Add error handling in xhci_map_urb_for_dma - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/620b6cf2f1a270f48d38e6b8ce199c1acb3e90f4

usb: xhci: Add error handling in xhci_map_urb_for_dma - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/be95cc6d71dfd0cba66e3621c65413321b398052

usb: xhci: Add error handling in xhci_map_urb_for_dma - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/4a49d24fdec0a802aa686a567a3989a9fdf4e5dd

usb: xhci: Add error handling in xhci_map_urb_for_dma - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/7b6cc33593d7ccfc3011b290849cfa899db46757

usb: xhci: Add error handling in xhci_map_urb_for_dma - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/962300a360d24c5be5a188cda48da58a37e4304d

usb: xhci: Add error handling in xhci_map_urb_for_dma - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2024-26964

Products affected by CVE-2024-26964

Exploit prediction scoring system (EPSS) score for CVE-2024-26964

CVSS scores for CVE-2024-26964

CWE ids for CVE-2024-26964

References for CVE-2024-26964