In the Linux kernel, the following vulnerability has been resolved: usb:
ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named
after the ulpi device’s parent, but ulpi_unregister_interface tries to
remove a debugfs directory named after the ulpi device itself. This results
in the directory sticking around and preventing subsequent (deferred)
probes from succeeding. Change the directory name to match the ulpi device.
Author | Note |
---|---|
Priority reason: Exploitation requires write access to debugfs entries, which are restricted to root by default on Ubuntu kernels. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368 (6.8-rc3)
git.kernel.org/stable/c/330d22aba17a4d30a56f007d0f51291d7e00862b
git.kernel.org/stable/c/33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3
git.kernel.org/stable/c/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368
git.kernel.org/stable/c/d31b886ed6a5095214062ee4fb55037eb930adb6
launchpad.net/bugs/cve/CVE-2024-26919
nvd.nist.gov/vuln/detail/CVE-2024-26919
security-tracker.debian.org/tracker/CVE-2024-26919
www.cve.org/CVERecord?id=CVE-2024-26919