- Description
- In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend In current scenario if Plug-out and Plug-In performed continuously there could be a chance while checking for dwc->gadget_driver in dwc3_gadget_suspend, a NULL pointer dereference may occur. Call Stack: CPU1: CPU2: gadget_unbind_driver dwc3_suspend_common dwc3_gadget_stop dwc3_gadget_suspend dwc3_disconnect_gadget CPU1 basically clears the variable and CPU2 checks the variable. Consider CPU1 is running and right before gadget_driver is cleared and in parallel CPU2 executes dwc3_gadget_suspend where it finds dwc->gadget_driver which is not NULL and resumes execution and then CPU1 completes execution. CPU2 executes dwc3_disconnect_gadget where it checks dwc->gadget_driver is already NULL because of which the NULL pointer deference occur.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- nvd@nist.gov
- CWE-476
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "084CB2E9-06E3-4017-8B30-34B912B25198",
"versionEndExcluding": "3.17",
"versionStartIncluding": "3.16.81"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A722E651-3556-4E10-9B6A-7D0CE8D0C5D7",
"versionEndExcluding": "4.5",
"versionStartIncluding": "4.4.178"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "376A770D-C566-4363-8A6A-5F7D0D847BD8",
"versionEndExcluding": "5.15.149",
"versionStartIncluding": "4.6"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "656E2F29-1779-4EFC-AA64-8F984E2885B1",
"versionEndExcluding": "6.1.79",
"versionStartIncluding": "5.16"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0",
"versionEndExcluding": "6.6.18",
"versionStartIncluding": "6.2"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82",
"versionEndExcluding": "6.7.6",
"versionStartIncluding": "6.7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
}
],
"operator": "OR"
}
]
}
]