CVE-2024-26964

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: xhci: Add error handling in xhci_map_urb_for_dma

Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzalloc_node() fails, then the following sg_pcopy_to_buffer() can lead to crash since it tries to memcpy to NULL pointer.

So return -ENOMEM if kzalloc returns null pointer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2017a1e58472a27e532b9644b4a61dfe18f6baac < 4a49d24fdec0a802aa686a567a3989a9fdf4e5ddaffected
LinuxLinux2017a1e58472a27e532b9644b4a61dfe18f6baac < b2c898469dfc388f619c6c972a28466cbb1442eaaffected
LinuxLinux2017a1e58472a27e532b9644b4a61dfe18f6baac < 620b6cf2f1a270f48d38e6b8ce199c1acb3e90f4affected
LinuxLinux2017a1e58472a27e532b9644b4a61dfe18f6baac < 962300a360d24c5be5a188cda48da58a37e4304daffected
LinuxLinux2017a1e58472a27e532b9644b4a61dfe18f6baac < 7b6cc33593d7ccfc3011b290849cfa899db46757affected
LinuxLinux2017a1e58472a27e532b9644b4a61dfe18f6baac < be95cc6d71dfd0cba66e3621c65413321b398052affected
LinuxLinux5.11affected
LinuxLinux0 < 5.11unaffected
LinuxLinux5.15.154 <= 5.15.*unaffected
LinuxLinux6.1.84 <= 6.1.*unaffected
LinuxLinux6.6.24 <= 6.6.*unaffected
LinuxLinux6.7.12 <= 6.7.*unaffected
LinuxLinux6.8.3 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References