CVE-2024-26964

May 1, 2024, 1:02 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzalloc_node() fails, then the following sg_pcopy_to_buffer() can lead to crash since it tries to memcpy to NULL pointer. So return -ENOMEM if kzalloc returns null pointer.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/4a49d24fdec0a802aa686a567a3989a9fdf4e5dd
https://git.kernel.org/stable/c/620b6cf2f1a270f48d38e6b8ce199c1acb3e90f4
https://git.kernel.org/stable/c/7b6cc33593d7ccfc3011b290849cfa899db46757
https://git.kernel.org/stable/c/962300a360d24c5be5a188cda48da58a37e4304d
https://git.kernel.org/stable/c/b2c898469dfc388f619c6c972a28466cbb1442ea
https://git.kernel.org/stable/c/be95cc6d71dfd0cba66e3621c65413321b398052

Tags

2024-05-01
416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVE-2024-26964

Date

  • Published: May 1, 2024, 6:15 a.m.
  • Last Modified: May 1, 2024, 1:02 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.