CVE-2024-26997

Published May 1, 2024

Last updated 4 months ago

CVSS medium 5.5

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Analyzed
Products: linux_kernel, debian_linux

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-476

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "50A5A92C-FD7D-471C-99CB-8424482115E6",
            "versionEndExcluding": "5.15.157",
            "versionStartIncluding": "5.15.154",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "8F74A44B-96DC-4FE7-B52C-46EAAE1A9FB2",
            "versionEndExcluding": "6.1.88",
            "versionStartIncluding": "6.1.84",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "F9EBAA35-C267-42BF-9547-DE4832721766",
            "versionEndExcluding": "6.6.29",
            "versionStartIncluding": "6.6.24",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "D6A2C3EC-DA7B-4144-8BAF-2DBB7E8CE4C7",
            "versionEndExcluding": "6.8",
            "versionStartIncluding": "6.7.12",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "A0577D01-D19E-4CAC-BF0C-FE393843297C",
            "versionEndExcluding": "6.8.8",
            "versionStartIncluding": "6.8.3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.19.312:*:*:*:*:*:*:*",
            "matchCriteriaId": "AC2A4DE6-B140-4978-8A3C-70E783BB8F26",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.4.274:*:*:*:*:*:*:*",
            "matchCriteriaId": "D949FD64-D5E8-4C05-94ED-6AB9F1035C6D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.10.215:*:*:*:*:*:*:*",
            "matchCriteriaId": "6DEA5675-3527-4871-951D-0D346442BEFB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
            "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
            "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
            "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References