mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.0 KiB
1.0 KiB
CVE-2024-56698
Description
In the Linux kernel, the following vulnerability has been resolved:usb: dwc3: gadget: Fix looping of queued SG entriesThe dwc3_request->num_queued_sgs is decremented on completion. If apartially completed request is handled, then thedwc3_request->num_queued_sgs no longer reflects the total number ofnum_queued_sgs (it would be cleared).Correctly check the number of request SG entries remained to be prepareand queued. Failure to do this may cause null pointer dereference whenaccessing non-existent SG entry.
POC
Reference
No PoCs from references.