Fix for vulnerability in USB PHY access after release
CVE-2024-50269

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 19 November 2024

What is CVE-2024-50269?

A vulnerability in the Linux kernel's Sunxi MUSB driver allows for accessing a USB PHY after it has been released. This issue arises during the registration and unregistration process of the platform driver. Specifically, when the driver is registered again, it attempts to use the PHY that was already released in a previous operation, leading to potential undefined behavior or system instability. The vulnerability has been addressed by reverting a previous commit that incorrectly released the USB PHY.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 6ed05c68cbcae42cd52b8e53b66952bfa9c002ce < 721ddad945596220c123eb6f7126729fe277ee4f

Linux 6ed05c68cbcae42cd52b8e53b66952bfa9c002ce < 4aa77d5ea9944468e16c3eed15e858fd5de44de1

Linux 6ed05c68cbcae42cd52b8e53b66952bfa9c002ce < 6e2848d1c8c0139161e69ac0a94133e90e9988e8

References

https://git.kernel.org/stable/c/721ddad945596220c123eb6f7...

https://git.kernel.org/stable/c/4aa77d5ea9944468e16c3eed1...

https://git.kernel.org/stable/c/6e2848d1c8c0139161e69ac0a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 19, 2024

JSON

Linux

What is CVE-2024-50269?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.