Fix for Null Pointer Dereference in Linux Kernel's USB Driver

CVE-2024-46719

Currently unrated 🤨

Key Information

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2024

Summary

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, ucsi_register_displayport returns NULL which causes a NULL pointer dereference in trace. Rather than return NULL, call typec_port_register_altmode to register DisplayPort alternate mode as a non-controllable mode when CONFIG_TYPEC_DP_ALTMODE is not enabled.

Affected Version(s)

Linux < 8095bf0579ed

Linux < 7e64cabe81c3

Linux < 3aa56313b0de

Timeline

Vulnerability published.
Sep 18, 2024
Vulnerability Reserved.
Sep 11, 2024

Collectors

NVD DatabaseMitre Database