CVE-2024-26919

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: ulpi: Fix debugfs directory leak

The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpi_unregister_interface tries to remove a debugfs directory named after the ulpi device itself. This results in the directory sticking around and preventing subsequent (deferred) probes from succeeding. Change the directory name to match the ulpi device.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbd0a0a024f2a41e7cc8eadb9862f82c45884b69c < d31b886ed6a5095214062ee4fb55037eb930adb6affected
LinuxLinuxbd0a0a024f2a41e7cc8eadb9862f82c45884b69c < 330d22aba17a4d30a56f007d0f51291d7e00862baffected
LinuxLinuxbd0a0a024f2a41e7cc8eadb9862f82c45884b69c < 33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3affected
LinuxLinuxbd0a0a024f2a41e7cc8eadb9862f82c45884b69c < 3caf2b2ad7334ef35f55b95f3e1b138c6f77b368affected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.1.79 <= 6.1.*unaffected
LinuxLinux6.6.18 <= 6.6.*unaffected
LinuxLinux6.7.6 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References