Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: A fix was made to the NULL pointer dereference in dwc3gadgetsuspend. In current scenarios where “Plug-out” and “Plug-In” operations are performed continuously, there is a possibility that a NULL pointer...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: core: Remove the lock of the OTG mode during gadget suspension/resumption to avoid deadlock. When the CONFIGUSBDWC3DUALROLE configuration is selected, and the system is triggered to enter suspension using the following...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42085)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42085 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mod...

usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock

...

SUSE CVE-2024-42085

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIGUSBDWC3DUALROLE is selected, and trigger system to enter suspend status with below command: echo mem /sys/power/state There...

DEBIAN-CVE-2024-42085

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIGUSBDWC3DUALROLE is selected, and trigger system to enter suspend status with below command: echo mem /sys/power/state There...

UBUNTU-CVE-2024-42085

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIGUSBDWC3DUALROLE is selected, and trigger system to enter suspend status with below command: echo mem /sys/power/state There...

The vulnerability of the dwc3_gadget_suspend() function in the Linux operating system’s USB DesignWare driver allows a hacker to trigger a service failure.

The vulnerability of the dwc3gadgetsuspend function in the drivers/usb/dwc3/gadget.c file of the Linux operating system’s USB DesignWare driver is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...