Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2024-26659
HistoryApr 02, 2024 - 11:40 p.m.

CVE-2024-26659

2024-04-0223:40:28
redhat.com
access.redhat.com
10
linux kernel
xhci
vulnerability
multi-trb td
handle
babble
buffer overrun
event
error
completion
transfer length

AI Score

7.3

Confidence

High

EPSS

0

Percentile

10.3%

JSON

A flaw was found in the Linux kernel related to the Extensible Host Controller Interface (xHCI) subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous (isoc) Babble and Buffer Overrun events. The vulnerability occurs because the xHCI driver incorrectly assumes that the xHC (host controller) has released its ownership of a multi-TRB (Transfer Request Block) TD (Transfer Descriptor) after reporting an error on an early TRB. This assumption leads to the premature release of the TD, allowing remaining TRBs to be freed or overwritten, which can cause system instability or crashes.

Mitigation

There is no known mitigation to this problem. Red Hat recommends updating to the latest kernel version to fix the problem.

Related

debiancve 1
cvelist 1
vulnrichment 1
nvd 1
ubuntucve 1
cve 1
ibm 4
nessus 46
almalinux 2
redhat 3
osv 24
rocky 2
oraclelinux 1
ubuntu 15
openvas 34
slackware 1
debian 2
debiancve
debiancve
CVE-2024-26659
2024-04-02 07:15:42
cvelist
cvelist
CVE-2024-26659 xhci: handle isoc Babble and Buffer Overrun events properly
2024-04-02 06:22:09
vulnrichment
vulnrichment
CVE-2024-26659 xhci: handle isoc Babble and Buffer Overrun events properly
2024-04-02 06:22:09
nvd
nvd
CVE-2024-26659
2024-04-02 07:15:42
ubuntucve
ubuntucve
CVE-2024-26659
2024-04-02 00:00:00
cve
cve
CVE-2024-26659
2024-04-02 07:15:42
ibm
ibm
Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Storage Copy Data Management
2024-09-27 18:14:10
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-07-31 12:54:26
Security Bulletin: Vulnerabilities in Node.js, AngularJS, Golang Go, libcURL, PostgreSQL, Linux kernel might affect IBM Spectrum Protect Plus
2024-09-24 05:05:57
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-040)
2024-04-01 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-052)
2024-04-01 00:00:00
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-603)
2024-04-29 00:00:00
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2024-06-05 00:00:00
Moderate: kernel update
2024-06-05 00:00:00
redhat
redhat
(RHSA-2024:3627) Moderate: kernel-rt security and bug fix update
2024-06-05 09:30:39
(RHSA-2024:3618) Moderate: kernel update
2024-06-05 00:07:54
(RHSA-2024:4151) Important: OpenShift Container Platform 4.15.20 security update
2024-07-02 18:15:29
osv
osv
Moderate: kernel-rt security and bug fix update
2024-06-05 00:00:00
Moderate: kernel-rt security and bug fix update
2024-06-14 13:59:36
Moderate: kernel update
2024-06-05 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2024-06-14 13:59:36
kernel update
2024-06-14 13:59:16
oraclelinux
oraclelinux
kernel update
2024-06-05 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-07-16 00:00:00
Linux kernel vulnerabilities
2024-07-19 00:00:00
Linux kernel vulnerabilities
2024-07-12 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2216)
2024-08-21 00:00:00
Ubuntu: Security Advisory (USN-6895-4)
2024-08-05 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2308)
2024-09-03 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2024-06-05 19:11:11
debian
debian
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39

AI Score

7.3

Confidence

High

EPSS

0

Percentile

10.3%

JSON
Related for RH:CVE-2024-26659
debiancve1cvelist1vulnrichment1nvd1ubuntucve1cve1ibm4nessus46almalinux2redhat3osv24rocky2oraclelinux1ubuntu15openvas34slackware1debian2