SB20240717106 - Resource management error in Linux kernel usb class driver
Published: July 17, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240717106
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2022-48834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the usbtmc_ioctl_request() function in drivers/usb/class/usbtmc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/700a0715854c1e79a73341724ce4f5bb01abc016
- https://git.kernel.org/stable/c/10a805334a11acd547602d6c4cf540a0f6ab5c6e
- https://git.kernel.org/stable/c/c69aef9db878ab277068a8cc1b4bf0cf309dc2b7
- https://git.kernel.org/stable/c/5f6a2d63c68c12cf61259df7c3527a0e05dce952
- https://git.kernel.org/stable/c/e9b667a82cdcfe21d590344447d65daed52b353b
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.108
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.31
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.17
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.187