SB20240603215 - Improper error handling in Linux kernel usb class driver
Published: June 3, 2024 Updated: May 14, 2025
Security Bulletin ID
SB20240603215
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2024-35812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the service_outstanding_interrupt() function in drivers/usb/class/cdc-wdm.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/5904411219601127ffdbd2d622bb5d67f9d8d16c
- https://git.kernel.org/stable/c/347cca11bb78b9f3c29b45a9c52e70258bd008bf
- https://git.kernel.org/stable/c/3afdcc4e1a00facad210f5c5891bb2fbc026067f
- https://git.kernel.org/stable/c/164be0a824387301312689bb29b2be92ab2cd39d
- https://git.kernel.org/stable/c/9b319f4a88094b2e020e6db6e819c808d890098d
- https://git.kernel.org/stable/c/ab92e11b73b48b79f144421430891f3aa6242656
- https://git.kernel.org/stable/c/a86e54a345139f1a7668c9f83bdc7ac6f91b6f78
- https://git.kernel.org/stable/c/7182175f565ffffa2ba1911726c5656bfc7a1bae
- https://git.kernel.org/stable/c/916cd2fcbc1e344bcabf4b2a834cdf5a0417d30c
- https://git.kernel.org/stable/c/8672ad663a22d0e4a325bb7d817b36ec412b967c
- https://git.kernel.org/stable/c/da3b75931bb737be74d6b4341e0080f233ed1409
- https://git.kernel.org/stable/c/2ff436b6399859e06539a2b9c667897d3cc85ad5
- https://git.kernel.org/stable/c/9723602387217caa71d623ffcce314dc39e84a09
- https://git.kernel.org/stable/c/19f955ad9437a6859a529af34e2eafd903d5e7c1
- https://git.kernel.org/stable/c/e4e47e406d74cab601b2ab21ba5e3add811e05ae
- https://git.kernel.org/stable/c/339f83612f3a569b194680768b22bf113c26a29d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.312
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.313
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.215
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.216
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.154
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.157
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.274
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.275
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.84
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.88
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.24
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.29
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.3