| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP\n\nIf the external phy working together with phy-omap-usb2 does not implement\nsend_srp(), we may still attempt to call it. This can happen on an idle\nEthernet gadget triggering a wakeup for example:\n\nconfigfs-gadget.g1 gadget.0: ECM Suspend\nconfigfs-gadget.g1 gadget.0: Port suspended. Triggering wakeup\n...\nUnable to handle kernel NULL pointer dereference at virtual address\n00000000 when execute\n...\nPC is at 0x0\nLR is at musb_gadget_wakeup+0x1d4/0x254 [musb_hdrc]\n...\nmusb_gadget_wakeup [musb_hdrc] from usb_gadget_wakeup+0x1c/0x3c [udc_core]\nusb_gadget_wakeup [udc_core] from eth_start_xmit+0x3b0/0x3d4 [u_ether]\neth_start_xmit [u_ether] from dev_hard_start_xmit+0x94/0x24c\ndev_hard_start_xmit from sch_direct_xmit+0x104/0x2e4\nsch_direct_xmit from __dev_queue_xmit+0x334/0xd88\n__dev_queue_xmit from arp_solicit+0xf0/0x268\narp_solicit from neigh_probe+0x54/0x7c\nneigh_probe from __neigh_event_send+0x22c/0x47c\n__neigh_event_send from neigh_resolve_output+0x14c/0x1c0\nneigh_resolve_output from ip_finish_output2+0x1c8/0x628\nip_finish_output2 from ip_send_skb+0x40/0xd8\nip_send_skb from udp_send_skb+0x124/0x340\nudp_send_skb from udp_sendmsg+0x780/0x984\nudp_sendmsg from __sys_sendto+0xd8/0x158\n__sys_sendto from ret_fast_syscall+0x0/0x58\n\nLet's fix the issue by checking for send_srp() and set_vbus() before\ncalling them. For USB peripheral only cases these both could be NULL." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/phy/ti/phy-omap-usb2.c" |
| ], |
| "versions": [ |
| { |
| "version": "657b306a7bdfca4ae1514b533a0e7c3c6d26dbc6", |
| "lessThan": "486218c11e8d1c8f515a3bdd70d62203609d4b6b", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "657b306a7bdfca4ae1514b533a0e7c3c6d26dbc6", |
| "lessThan": "8398d8d735ee93a04fb9e9f490e8cacd737e3bf5", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "657b306a7bdfca4ae1514b533a0e7c3c6d26dbc6", |
| "lessThan": "be3b82e4871ba00e9b5d0ede92d396d579d7b3b3", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "657b306a7bdfca4ae1514b533a0e7c3c6d26dbc6", |
| "lessThan": "8cc889b9dea0579726be9520fcc766077890b462", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "657b306a7bdfca4ae1514b533a0e7c3c6d26dbc6", |
| "lessThan": "0430bfcd46657d9116a26cd377f112cbc40826a4", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "657b306a7bdfca4ae1514b533a0e7c3c6d26dbc6", |
| "lessThan": "14ef61594a5a286ae0d493b8acbf9eac46fd04c4", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "657b306a7bdfca4ae1514b533a0e7c3c6d26dbc6", |
| "lessThan": "396e17af6761b3cc9e6e4ca94b4de7f642bfece1", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "657b306a7bdfca4ae1514b533a0e7c3c6d26dbc6", |
| "lessThan": "7104ba0f1958adb250319e68a15eff89ec4fd36d", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/phy/ti/phy-omap-usb2.c" |
| ], |
| "versions": [ |
| { |
| "version": "3.7", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "3.7", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.19.307", |
| "lessThanOrEqual": "4.19.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.269", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.210", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.149", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.78", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.17", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.7.5", |
| "lessThanOrEqual": "6.7.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.8", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "3.7", |
| "versionEndExcluding": "4.19.307" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "3.7", |
| "versionEndExcluding": "5.4.269" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "3.7", |
| "versionEndExcluding": "5.10.210" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "3.7", |
| "versionEndExcluding": "5.15.149" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "3.7", |
| "versionEndExcluding": "6.1.78" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "3.7", |
| "versionEndExcluding": "6.6.17" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "3.7", |
| "versionEndExcluding": "6.7.5" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "3.7", |
| "versionEndExcluding": "6.8" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/486218c11e8d1c8f515a3bdd70d62203609d4b6b" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/8398d8d735ee93a04fb9e9f490e8cacd737e3bf5" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/be3b82e4871ba00e9b5d0ede92d396d579d7b3b3" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/8cc889b9dea0579726be9520fcc766077890b462" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/0430bfcd46657d9116a26cd377f112cbc40826a4" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/14ef61594a5a286ae0d493b8acbf9eac46fd04c4" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/396e17af6761b3cc9e6e4ca94b4de7f642bfece1" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/7104ba0f1958adb250319e68a15eff89ec4fd36d" |
| } |
| ], |
| "title": "phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-26600", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
