ghsa-58xp-fvvp-586w
Vulnerability from github
Published
2024-05-19 12:30
Modified
2024-05-19 12:30
Details
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: ucsi: Limit read size on v1.2
Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2.
{ "affected": [], "aliases": [ "CVE-2024-35924" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-05-19T11:15:48Z", "severity": null }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Limit read size on v1.2\n\nBetween UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was\nincreased from 16 to 256. In order to avoid overflowing reads for older\nsystems, add a mechanism to use the read UCSI version to truncate read\nsizes on UCSI v1.2.", "id": "GHSA-58xp-fvvp-586w", "modified": "2024-05-19T12:30:38Z", "published": "2024-05-19T12:30:38Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35924" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/0defcaa09d3b21e8387829ee3a652c43fa91e13f" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/266f403ec47573046dee4bcebda82777ce702c40" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/b3db266fb031fba88c423d4bb8983a73a3db6527" } ], "schema_version": "1.4.0", "severity": [] }
Loading...