cve/published/2024/CVE-2024-47671.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-47671: USB: usbtmc: prevent kernel-usb-infoleak

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 USB: usbtmc: prevent kernel-usb-infoleak

 The syzbot reported a kernel-usb-infoleak in usbtmc_write,
 we need to clear the structure before filling fields.

 The Linux kernel CVE team has assigned CVE-2024-47671 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 5.4.285 with commit fa652318887da530f2f9dbd9b0ea4a087d05ee12
 	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 5.10.227 with commit 16e0ab9ed3ae7d19ca8ee718ba4e09d5c0f909ca
 	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 5.15.168 with commit 0c927dfc0b9bd177f7ab6ee59ef0c4ea06c110a7
 	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.1.112 with commit ba6269e187aa1b1f20faf3c458831a0d6350304b
 	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.6.53 with commit 51297ef7ad7824ad577337f273cd092e81a9fa08
 	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.10.12 with commit e872738e670ddd63e19f22d0d784f0bdf26ecba5
 	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.11.1 with commit 6c7fc36da021b13c34c572a26ba336cd102418f8
 	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.12 with commit 625fa77151f00c1bd00d34d60d6f2e710b3f9aad

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-47671
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/usb/class/usbtmc.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/fa652318887da530f2f9dbd9b0ea4a087d05ee12
 	https://git.kernel.org/stable/c/16e0ab9ed3ae7d19ca8ee718ba4e09d5c0f909ca
 	https://git.kernel.org/stable/c/0c927dfc0b9bd177f7ab6ee59ef0c4ea06c110a7
 	https://git.kernel.org/stable/c/ba6269e187aa1b1f20faf3c458831a0d6350304b
 	https://git.kernel.org/stable/c/51297ef7ad7824ad577337f273cd092e81a9fa08
 	https://git.kernel.org/stable/c/e872738e670ddd63e19f22d0d784f0bdf26ecba5
 	https://git.kernel.org/stable/c/6c7fc36da021b13c34c572a26ba336cd102418f8
 	https://git.kernel.org/stable/c/625fa77151f00c1bd00d34d60d6f2e710b3f9aad
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-47671: USB: usbtmc: prevent kernel-usb-infoleak

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	USB: usbtmc: prevent kernel-usb-infoleak

	The syzbot reported a kernel-usb-infoleak in usbtmc_write,
	we need to clear the structure before filling fields.

	The Linux kernel CVE team has assigned CVE-2024-47671 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 5.4.285 with commit fa652318887da530f2f9dbd9b0ea4a087d05ee12
	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 5.10.227 with commit 16e0ab9ed3ae7d19ca8ee718ba4e09d5c0f909ca
	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 5.15.168 with commit 0c927dfc0b9bd177f7ab6ee59ef0c4ea06c110a7
	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.1.112 with commit ba6269e187aa1b1f20faf3c458831a0d6350304b
	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.6.53 with commit 51297ef7ad7824ad577337f273cd092e81a9fa08
	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.10.12 with commit e872738e670ddd63e19f22d0d784f0bdf26ecba5
	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.11.1 with commit 6c7fc36da021b13c34c572a26ba336cd102418f8
	Issue introduced in 4.20 with commit 4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 and fixed in 6.12 with commit 625fa77151f00c1bd00d34d60d6f2e710b3f9aad

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-47671
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/usb/class/usbtmc.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/fa652318887da530f2f9dbd9b0ea4a087d05ee12
	https://git.kernel.org/stable/c/16e0ab9ed3ae7d19ca8ee718ba4e09d5c0f909ca
	https://git.kernel.org/stable/c/0c927dfc0b9bd177f7ab6ee59ef0c4ea06c110a7
	https://git.kernel.org/stable/c/ba6269e187aa1b1f20faf3c458831a0d6350304b
	https://git.kernel.org/stable/c/51297ef7ad7824ad577337f273cd092e81a9fa08
	https://git.kernel.org/stable/c/e872738e670ddd63e19f22d0d784f0bdf26ecba5
	https://git.kernel.org/stable/c/6c7fc36da021b13c34c572a26ba336cd102418f8
	https://git.kernel.org/stable/c/625fa77151f00c1bd00d34d60d6f2e710b3f9aad