First published: Wed Sep 04 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn't properly set up the endpoint for the current speed, or the gadget descriptors are malformed and the descriptor for the speed/endpoint are not found. No current gadget driver is known to have this problem, but this may cause a hard-to-find bug during development of new gadgets.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <3.16.80 | |
Linux Linux kernel | >=3.17<4.4.199 | |
Linux Linux kernel | >=4.5<4.9.199 | |
Linux Linux kernel | >=4.10<4.14.152 | |
Linux Linux kernel | >=4.15<4.19.320 | |
Linux Linux kernel | >=4.20<5.3.9 | |
Linux Linux kernel | >=5.4<5.4.282 | |
Linux Linux kernel | >=5.5<5.10.224 | |
Linux Linux kernel | >=5.11<5.15.165 | |
Linux Linux kernel | >=5.16<6.1.105 | |
Linux Linux kernel | >=6.2<6.6.46 | |
Linux Linux kernel | >=6.7<6.10.5 | |
Linux Linux kernel | =6.11-rc1 | |
Linux Linux kernel | =6.11-rc2 | |
debian/linux | <=5.10.223-1 | 5.10.226-1 6.1.115-1 6.1.119-1 6.12.5-1 6.12.6-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.