ghsa-58xp-fvvp-586w
Vulnerability from github
Published
2024-05-19 12:30
Modified
2024-05-19 12:30
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: ucsi: Limit read size on v1.2

Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-35924"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-19T11:15:48Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Limit read size on v1.2\n\nBetween UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was\nincreased from 16 to 256. In order to avoid overflowing reads for older\nsystems, add a mechanism to use the read UCSI version to truncate read\nsizes on UCSI v1.2.",
  "id": "GHSA-58xp-fvvp-586w",
  "modified": "2024-05-19T12:30:38Z",
  "published": "2024-05-19T12:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35924"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0defcaa09d3b21e8387829ee3a652c43fa91e13f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/266f403ec47573046dee4bcebda82777ce702c40"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b3db266fb031fba88c423d4bb8983a73a3db6527"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.