Description

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzalloc_node() fails, then the following sg_pcopy_to_buffer() can lead to crash since it tries to memcpy to NULL pointer. So return -ENOMEM if kzalloc returns null pointer.

INFO

Published Date :

2024-05-01T05:19:28.437Z

Last Modified :

2025-05-04T09:00:57.071Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-26964 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-26964.

URL Resource
https://git.kernel.org/stable/c/4a49d24fdec0a802aa686a567a3989a9fdf4e5dd cve-icon cve-icon
https://git.kernel.org/stable/c/620b6cf2f1a270f48d38e6b8ce199c1acb3e90f4 cve-icon cve-icon
https://git.kernel.org/stable/c/7b6cc33593d7ccfc3011b290849cfa899db46757 cve-icon cve-icon
https://git.kernel.org/stable/c/962300a360d24c5be5a188cda48da58a37e4304d cve-icon cve-icon
https://git.kernel.org/stable/c/b2c898469dfc388f619c6c972a28466cbb1442ea cve-icon cve-icon
https://git.kernel.org/stable/c/be95cc6d71dfd0cba66e3621c65413321b398052 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26964-54c8@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-26964 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-26964 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact