Summary:
In the Linux kernel, the following vulnerability has been resolved:

USB: core: Fix access violation during port device removal

Testing with KASAN and syzkaller revealed a bug in port.c:disable_store(): usb_hub_to_struct_hub() can return NULL if the hub that the port belongs to is concurrently removed, but the function does not check for this possibility before dereferencing the returned value.

It turns out that the first dereference is unnecessary, since hub->intfdev is the parent of the port device, so it can be changed easily. Adding a check for hub == NULL prevents further problems.

The same bug exists in the disable_show() routine, and it can be fixed the same way.
Severity: Low
Advisory ID: KylinSec-SA-2024-3254
Release date: August 1, 2024
Related CVE: CVE-2024-36896
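The pattern described in the summary, as an added example that is not the kernel's code or part of this advisory: a userspace C model in which `lookup_hub()` stands in for `usb_hub_to_struct_hub()`, showing the unchecked dereference beside the checked form. The struct layouts, `run_scenario()` and the `-ENODEV` return value are assumptions of this model.

```c
#include <errno.h>
#include <stdio.h>

/* Userspace model only: these types are hypothetical stand-ins. */
struct device { struct device *parent; int writes; };
struct hub { struct device *intfdev; };      /* interface device, parent of each port */
struct hub_device { struct hub *hub; };      /* hub pointer is cleared on removal */
struct port { struct device dev; struct hub_device *hdev; int disabled; };
/* Models usb_hub_to_struct_hub(): returns NULL once the hub is gone. */
struct hub *lookup_hub(struct hub_device *hdev) { return hdev->hub; }

/* Before the fix: the first use of hub is a dereference, with no NULL check. */
int disable_store_unchecked(struct port *p, int value)
{
    struct hub *hub = lookup_hub(p->hdev);
    struct device *intf = hub->intfdev;      /* faults when hub == NULL */
    intf->writes++;                          /* stand-in for work done on the interface */
    p->disabled = value;
    return 0;
}

/* After the fix: the interface comes from the port's parent; hub is checked. */
int disable_store_checked(struct port *p, int value)
{
    struct hub *hub = lookup_hub(p->hdev);
    struct device *intf = p->dev.parent;     /* same object as hub->intfdev */
    if (!hub)
        return -ENODEV;                      /* error code assumed for this model */
    intf->writes++;
    p->disabled = value;
    return 0;
}

/* Constructed scenario: write the attribute with the hub present or removed. */
int run_scenario(int hub_removed, int *disabled_out)
{
    struct device intf = { NULL, 0 };
    struct hub hub = { &intf };
    struct hub_device hdev = { hub_removed ? NULL : &hub };
    struct port p = { { &intf, 0 }, &hdev, 0 };
    int rc = disable_store_checked(&p, 1);
    *disabled_out = p.disabled;
    return rc;
}

int main(void)
{
    int d, rc = run_scenario(1, &d);
    return printf("hub removed: rc=%d disabled=%d\n", rc, d) < 0;
}
```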
CVE name | Product | Component | Affected |
---|---|---|---|