CVE-2024-53070

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc3: fix fault at system suspend if device was already runtime suspended

If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash.

Also we cannot access any registers after dwc3_core_exit() on some platforms so move the dwc3_enable_susphy() call to the top.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux073530898ebf44a9418434e899cfa9ca86945333 < d9e65d461a9de037e7c9d584776d025cfce6d86daffected
LinuxLinux85ca88f93162acb94dbcb26d0ee2b145864d14a1 < 562804b1561cc248cc37746a1c96c83cab1d7209affected
LinuxLinux4fad7370086797afe6471493e3a5f36add8c48a7 < 4abc5ee334fe4aba50461c45fdaaa4c5e5c57789affected
LinuxLinuxa690a9e38e6ba819789074388de7cff06425ef5b < 06b98197b69e2f2af9cb1991ee0b1c876edf7b86affected
LinuxLinux705e3ce37bccdf2ed6f848356ff355f480d51a91 < 9cfb31e4c89d200d8ab7cb1e0bb9e6e8d621ca0baffected
LinuxLinux5.15.170 < 5.15.172affected
LinuxLinux6.1.115 < 6.1.117affected
LinuxLinux6.6.59 < 6.6.61affected
LinuxLinux6.11.5 < 6.11.8affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References