SB20240702129 - Input validation error in Linux kernel usb typec driver
Published: July 2, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240702129
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2021-47210)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tps6598x_block_read() function in drivers/usb/typec/tps6598x.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/2a897d384513ba7f7ef05611338b9a6ec6aeac00
- https://git.kernel.org/stable/c/30dcfcda8992dc42f18e7d35b6a1fa72372d382d
- https://git.kernel.org/stable/c/eff8b7628410cb2eb562ca0d5d1f12e27063733e
- https://git.kernel.org/stable/c/2c71811c963b6c310a29455d521d31a7ea6c5b5e
- https://git.kernel.org/stable/c/b7a0a63f3fed57d413bb857de164ea9c3984bc4e
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.218
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.5
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.162