We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-56698

usb: dwc3: gadget: Fix looping of queued SG entries



Description

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The dwc3_request->num_queued_sgs is decremented on completion. If a partially completed request is handled, then the dwc3_request->num_queued_sgs no longer reflects the total number of num_queued_sgs (it would be cleared). Correctly check the number of request SG entries remained to be prepare and queued. Failure to do this may cause null pointer dereference when accessing non-existent SG entry.

Reserved 2024-12-27 | Published 2024-12-28 | Updated 2025-01-20 | Assigner Linux

Product status

Default status
unaffected

c96e6725db9d6a04ac1bee881e3034b636d9f71c before 8ceb21d76426bbe7072cc3e43281e70c0d664cc7
affected

c96e6725db9d6a04ac1bee881e3034b636d9f71c before 0247da93bf62d33304b7bf97850ebf2a86e06d28
affected

c96e6725db9d6a04ac1bee881e3034b636d9f71c before c9e72352a10ae89a430449f7bfeb043e75c255d9
affected

c96e6725db9d6a04ac1bee881e3034b636d9f71c before 1534f6f69393aac773465d80d31801b554352627
affected

c96e6725db9d6a04ac1bee881e3034b636d9f71c before b7c3d0b59213ebeedff63d128728ce0b3d7a51ec
affected

c96e6725db9d6a04ac1bee881e3034b636d9f71c before 70777a23a54e359cfdfafc625a57cd56434f3859
affected

c96e6725db9d6a04ac1bee881e3034b636d9f71c before b7fc65f5141c24785dc8c19249ca4efcf71b3524
affected

Default status
affected

4.18
affected

Any version before 4.18
unaffected

5.10.231
unaffected

5.15.174
unaffected

6.1.120
unaffected

6.6.64
unaffected

6.11.11
unaffected

6.12.2
unaffected

6.13
unaffected

References

git.kernel.org/...c/8ceb21d76426bbe7072cc3e43281e70c0d664cc7

git.kernel.org/...c/0247da93bf62d33304b7bf97850ebf2a86e06d28

git.kernel.org/...c/c9e72352a10ae89a430449f7bfeb043e75c255d9

git.kernel.org/...c/1534f6f69393aac773465d80d31801b554352627

git.kernel.org/...c/b7c3d0b59213ebeedff63d128728ce0b3d7a51ec

git.kernel.org/...c/70777a23a54e359cfdfafc625a57cd56434f3859

git.kernel.org/...c/b7fc65f5141c24785dc8c19249ca4efcf71b3524

cve.org (CVE-2024-56698)

nvd.nist.gov (CVE-2024-56698)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-56698

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.