ghsa-3h33-78cr-x67r
Vulnerability from github
Published
2024-05-01 06:31
Modified
2024-05-01 06:31
Details
In the Linux kernel, the following vulnerability has been resolved:
usb: xhci: Add error handling in xhci_map_urb_for_dma
Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzalloc_node() fails, then the following sg_pcopy_to_buffer() can lead to crash since it tries to memcpy to NULL pointer.
So return -ENOMEM if kzalloc returns null pointer.
{
"affected": [],
"aliases": [
"CVE-2024-26964"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-01T06:15:12Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Add error handling in xhci_map_urb_for_dma\n\nCurrently xhci_map_urb_for_dma() creates a temporary buffer and copies\nthe SG list to the new linear buffer. But if the kzalloc_node() fails,\nthen the following sg_pcopy_to_buffer() can lead to crash since it\ntries to memcpy to NULL pointer.\n\nSo return -ENOMEM if kzalloc returns null pointer.",
"id": "GHSA-3h33-78cr-x67r",
"modified": "2024-05-01T06:31:42Z",
"published": "2024-05-01T06:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26964"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4a49d24fdec0a802aa686a567a3989a9fdf4e5dd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/620b6cf2f1a270f48d38e6b8ce199c1acb3e90f4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7b6cc33593d7ccfc3011b290849cfa899db46757"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/962300a360d24c5be5a188cda48da58a37e4304d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b2c898469dfc388f619c6c972a28466cbb1442ea"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/be95cc6d71dfd0cba66e3621c65413321b398052"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading...