CVE-2024-35812

May 17, 2024, 6:35 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: usb: cdc-wdm: close race between read and workqueue wdm_read() cannot race with itself. However, in service_outstanding_interrupt() it can race with the workqueue, which can be triggered by error handling. Hence we need to make sure that the WDM_RESPONDING flag is not just only set but tested.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/164be0a824387301312689bb29b2be92ab2cd39d
https://git.kernel.org/stable/c/19f955ad9437a6859a529af34e2eafd903d5e7c1
https://git.kernel.org/stable/c/2ff436b6399859e06539a2b9c667897d3cc85ad5
https://git.kernel.org/stable/c/339f83612f3a569b194680768b22bf113c26a29d
https://git.kernel.org/stable/c/347cca11bb78b9f3c29b45a9c52e70258bd008bf
https://git.kernel.org/stable/c/3afdcc4e1a00facad210f5c5891bb2fbc026067f
https://git.kernel.org/stable/c/5904411219601127ffdbd2d622bb5d67f9d8d16c
https://git.kernel.org/stable/c/7182175f565ffffa2ba1911726c5656bfc7a1bae
https://git.kernel.org/stable/c/8672ad663a22d0e4a325bb7d817b36ec412b967c
https://git.kernel.org/stable/c/916cd2fcbc1e344bcabf4b2a834cdf5a0417d30c
https://git.kernel.org/stable/c/9723602387217caa71d623ffcce314dc39e84a09
https://git.kernel.org/stable/c/9b319f4a88094b2e020e6db6e819c808d890098d
https://git.kernel.org/stable/c/a86e54a345139f1a7668c9f83bdc7ac6f91b6f78
https://git.kernel.org/stable/c/ab92e11b73b48b79f144421430891f3aa6242656
https://git.kernel.org/stable/c/da3b75931bb737be74d6b4341e0080f233ed1409
https://git.kernel.org/stable/c/e4e47e406d74cab601b2ab21ba5e3add811e05ae

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-17
CVE-2024-35812

Timeline

Published: May 17, 2024, 2:15 p.m.
Last Modified: May 17, 2024, 6:35 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.