CVE-2024-42226 - OpenCVE

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2024:7001	2024-09-24T00:00:00Z
kernel-0:4.18.0-553.22.1.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:7000	2024-09-24T00:00:00Z

References

Link	Providers
https://lore.kernel.org/linux-cve-announce/2024073038-CVE-2024-42226-fa39@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-42226
https://www.cve.org/CVERecord?id=CVE-2024-42226

History

Tue, 24 Sep 2024 11:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:enterprise_linux:8

Tue, 24 Sep 2024 06:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:8::nfv
Vendors & Products		Redhat Redhat enterprise Linux

Fri, 16 Aug 2024 18:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-822

Mon, 12 Aug 2024 14:00:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-476
CPEs	cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products	Linux Linux linux Kernel
References	https://git.kernel.org/stable/c/1f4a10cb826fdec5cd442df010bcb3043bfd6464 https://git.kernel.org/stable/c/66cb618bf0bb82859875b00eeffaf223557cb416 https://git.kernel.org/stable/c/69bed24c82139bbad0a78a075e1834a2ea7bd064 https://git.kernel.org/stable/c/948554f1bb16e15b90006c109c3a558c66d4c4ac https://git.kernel.org/stable/c/9a24eb8010c2dc6a2eba56e3eb9fc07d14ffe00a https://git.kernel.org/stable/c/c0ee01e8ba19ff7edc98f68a114d4789faa219b9
Metrics	cvssV3_1 `{'score': 4.6, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Sun, 11 Aug 2024 15:45:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB Some transfer events don't always point to a TRB, and consequently don't have a endpoint ring. In these cases, function handle_tx_event() should not proceed, because if 'ep->skip' is set, the pointer to the endpoint ring is used. To prevent a potential failure and make the code logical, return after checking the completion code for a Transfer event without TRBs.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title	usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB	kernel: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB

MITRE

Status: REJECTED

Assigner: Linux

Published: 2024-07-30T07:47:07.319Z

Updated: 2024-08-11T15:33:01.397Z

Reserved: 2024-07-30T07:40:12.250Z

Link: CVE-2024-42226

Vulnrichment

No data.

NVD

Status : Rejected

Published: 2024-07-30T08:15:07.817

Modified: 2024-08-12T13:38:33.853

Link: CVE-2024-42226

Redhat

Severity : Moderate

Publid Date: 2024-07-30T00:00:00Z

Links: CVE-2024-42226 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object