SecuriTricks - CVE-2024-47671

Description

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields.

Product(s) Impacted

Vendor	Product	Versions
Linux	Linux Kernel	*, 6.11, 6.11.1

Weaknesses

*CPE(s)

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
o	linux	linux_kernel	/	/	/	/	/	/	/	/
o	linux	linux_kernel	/	/	/	/	/	/	/	/
o	linux	linux_kernel	/	/	/	/	/	/	/	/
o	linux	linux_kernel	6.11	rc1	/	/	/	/	/	/
o	linux	linux_kernel	6.11	rc2	/	/	/	/	/	/
o	linux	linux_kernel	6.11	rc3	/	/	/	/	/	/
o	linux	linux_kernel	6.11	rc4	/	/	/	/	/	/
o	linux	linux_kernel	6.11	rc5	/	/	/	/	/	/
o	linux	linux_kernel	6.11	rc6	/	/	/	/	/	/
o	linux	linux_kernel	6.11	rc7	/	/	/	/	/	/
o	linux	linux_kernel	6.11	rc8	/	/	/	/	/	/
o	linux	linux_kernel	6.11.1	/	/	/	/	/	/	/

References

https://git.kernel.org/stable/c/0c927dfc0b9bd177f7ab6ee59ef0c4ea06c110a7

https://git.kernel.org/stable/c/16e0ab9ed3ae7d19ca8ee718ba4e09d5c0f909ca

https://git.kernel.org/stable/c/51297ef7ad7824ad577337f273cd092e81a9fa08

https://git.kernel.org/stable/c/625fa77151f00c1bd00d34d60d6f2e710b3f9aad

https://git.kernel.org/stable/c/6c7fc36da021b13c34c572a26ba336cd102418f8

https://git.kernel.org/stable/c/ba6269e187aa1b1f20faf3c458831a0d6350304b

https://git.kernel.org/stable/c/e872738e670ddd63e19f22d0d784f0bdf26ecba5

CVSS Score

5.5 / 10

CVSS Data

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

View Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Date

Published: Oct. 9, 2024, 3:15 p.m.
Last Modified: Oct. 23, 2024, 7:36 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE-2024-47671