2024-11-19 03:03:23 +00:00
{
"id" : "CVE-2024-50269" ,
"sourceIdentifier" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"published" : "2024-11-19T02:16:28.930" ,
2024-11-26 23:04:10 +00:00
"lastModified" : "2024-11-26T22:30:27.420" ,
"vulnStatus" : "Analyzed" ,
2024-11-19 03:03:23 +00:00
"cveTags" : [ ] ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: sunxi: Fix accessing an released usb phy\n\nCommit 6ed05c68cbca (\"usb: musb: sunxi: Explicitly release USB PHY on\nexit\") will cause that usb phy @glue->xceiv is accessed after released.\n\n1) register platform driver @sunxi_musb_driver\n// get the usb phy @glue->xceiv\nsunxi_musb_probe() -> devm_usb_get_phy().\n\n2) register and unregister platform driver @musb_driver\nmusb_probe() -> sunxi_musb_init()\nuse the phy here\n//the phy is released here\nmusb_remove() -> sunxi_musb_exit() -> devm_usb_put_phy()\n\n3) register @musb_driver again\nmusb_probe() -> sunxi_musb_init()\nuse the phy here but the phy has been released at 2).\n...\n\nFixed by reverting the commit, namely, removing devm_usb_put_phy()\nfrom sunxi_musb_exit()."
2024-11-19 23:03:24 +00:00
} ,
{
"lang" : "es" ,
"value" : "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: musb: sunxi: Se solucion\u00f3 el acceso a un usb phy liberado. Commit 6ed05c68cbca (\"usb: musb: sunxi: Liberar expl\u00edcitamente USB PHY al salir\") provocar\u00e1 que se acceda al usb phy @glue->xceiv despu\u00e9s de su liberaci\u00f3n. 1) registrar el controlador de la plataforma @sunxi_musb_driver // obtener el usb phy @glue->xceiv sunxi_musb_probe() -> devm_usb_get_phy(). 2) registrar y anular el registro del controlador de la plataforma @musb_driver musb_probe() -> sunxi_musb_init() usa el phy aqu\u00ed //el phy se publica aqu\u00ed musb_remove() -> sunxi_musb_exit() -> devm_usb_put_phy() 3) registrar @musb_driver nuevamente musb_probe() -> sunxi_musb_init() usa el phy aqu\u00ed pero el phy se ha publicado en 2). ... Se solucion\u00f3 revirtiendo el commit, es decir, eliminando devm_usb_put_phy() de sunxi_musb_exit()."
2024-11-19 03:03:23 +00:00
}
] ,
2024-11-26 23:04:10 +00:00
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" ,
"baseScore" : 7.8 ,
"baseSeverity" : "HIGH" ,
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH"
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 5.9
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-416"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.4.95" ,
"versionEndExcluding" : "4.5" ,
"matchCriteriaId" : "1E714DC6-1868-4774-91B0-D0274B6E3C0E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.9.59" ,
"versionEndExcluding" : "4.10" ,
"matchCriteriaId" : "D8D41D45-DE35-43A0-91F0-5FFDCB2A508A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.13.10" ,
"versionEndExcluding" : "4.14" ,
"matchCriteriaId" : "F8E04794-8DBA-45C9-8040-A37E6BF20680"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.14" ,
"versionEndExcluding" : "4.19.324" ,
"matchCriteriaId" : "8DF05B23-9480-4E31-BE15-A93F374269CE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.20" ,
"versionEndExcluding" : "5.4.286" ,
"matchCriteriaId" : "9952C897-8A61-4D4B-9D6D-7D063E9EA15E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.5" ,
"versionEndExcluding" : "5.10.230" ,
"matchCriteriaId" : "BF5B32D0-72C9-41C3-A0BB-D4946153C134"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.11" ,
"versionEndExcluding" : "5.15.172" ,
"matchCriteriaId" : "88812664-4296-42AC-AE0F-ED71086C1BB1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.16" ,
"versionEndExcluding" : "6.1.117" ,
"matchCriteriaId" : "0DD7F755-2F6B-4707-8973-78496AD5AA8E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "6.2" ,
"versionEndExcluding" : "6.6.61" ,
"matchCriteriaId" : "630ED7EB-C97E-4435-B884-1E309E40D6F3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "6.7" ,
"versionEndExcluding" : "6.11.8" ,
"matchCriteriaId" : "0BD000F7-3DAD-4DD3-8906-98EA1EC67E95"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*" ,
"matchCriteriaId" : "7F361E1D-580F-4A2D-A509-7615F73167A1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*" ,
"matchCriteriaId" : "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*" ,
"matchCriteriaId" : "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*" ,
"matchCriteriaId" : "E0F717D8-3014-4F84-8086-0124B2111379"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*" ,
"matchCriteriaId" : "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*" ,
"matchCriteriaId" : "24B88717-53F5-42AA-9B72-14C707639E3F"
}
]
}
]
}
] ,
2024-11-19 03:03:23 +00:00
"references" : [
{
"url" : "https://git.kernel.org/stable/c/498dbd9aea205db9da674994b74c7bf8e18448bd" ,
2024-11-26 23:04:10 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-11-19 03:03:23 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/4aa77d5ea9944468e16c3eed15e858fd5de44de1" ,
2024-11-26 23:04:10 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-11-19 03:03:23 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/63559ba8077cbadae1c92a65b73ea522bf377dd9" ,
2024-11-26 23:04:10 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-11-19 03:03:23 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/6e2848d1c8c0139161e69ac0a94133e90e9988e8" ,
2024-11-26 23:04:10 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-11-19 03:03:23 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/721ddad945596220c123eb6f7126729fe277ee4f" ,
2024-11-26 23:04:10 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-11-19 03:03:23 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/8a30da5aa9609663b3e05bcc91a916537f66a4cd" ,
2024-11-26 23:04:10 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-11-19 03:03:23 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/b08baa75b989cf779cbfa0969681f8ba2dc46569" ,
2024-11-26 23:04:10 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-11-19 03:03:23 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/ccd811c304d2ee56189bfbc49302cb3c44361893" ,
2024-11-26 23:04:10 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-11-19 03:03:23 +00:00
}
]
}
