{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-44960", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-08-21T05:34:56.666Z", "datePublished": "2024-09-04T18:35:58.469Z", "dateUpdated": "2024-11-05T09:42:59.427Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:42:59.427Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: Check for unset descriptor\n\nMake sure the descriptor has been set before looking at maxpacket.\nThis fixes a null pointer panic in this case.\n\nThis may happen if the gadget doesn't properly set up the endpoint\nfor the current speed, or the gadget descriptors are malformed and\nthe descriptor for the speed/endpoint are not found.\n\nNo current gadget driver is known to have this problem, but this\nmay cause a hard-to-find bug during development of new gadgets."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/usb/gadget/udc/core.c"], "versions": [{"version": "d1c188d330ca", "lessThan": "ba15815dd24c", "status": "affected", "versionType": "git"}, {"version": "54f83b8c8ea9", "lessThan": "df8e734ae5e6", "status": "affected", "versionType": "git"}, {"version": "54f83b8c8ea9", "lessThan": "7cc9ebcfe58b", "status": "affected", "versionType": "git"}, {"version": "54f83b8c8ea9", "lessThan": "50c5248b0ea8", "status": "affected", "versionType": "git"}, {"version": "54f83b8c8ea9", "lessThan": "a0362cd6e503", "status": "affected", "versionType": "git"}, {"version": "54f83b8c8ea9", "lessThan": "1a9df57d5745", "status": "affected", "versionType": "git"}, {"version": "54f83b8c8ea9", "lessThan": "716cba46f73a", "status": "affected", "versionType": "git"}, {"version": "54f83b8c8ea9", "lessThan": "973a57891608", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/usb/gadget/udc/core.c"], "versions": [{"version": "5.4", "status": "affected"}, {"version": "0", "lessThan": "5.4", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.320", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.282", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.224", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.165", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.105", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.46", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.5", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/ba15815dd24cc5ec0d23e2170dc58c7db1e03b4a"}, {"url": "https://git.kernel.org/stable/c/df8e734ae5e605348aa0ca2498aedb73e815f244"}, {"url": "https://git.kernel.org/stable/c/7cc9ebcfe58be22f18056ad8bc6272d120bdcb3e"}, {"url": "https://git.kernel.org/stable/c/50c5248b0ea8aae0529fdf28dac42a41312d3b62"}, {"url": "https://git.kernel.org/stable/c/a0362cd6e503278add954123957fd47990e8d9bf"}, {"url": "https://git.kernel.org/stable/c/1a9df57d57452b104c46c918569143cf21d7ebf1"}, {"url": "https://git.kernel.org/stable/c/716cba46f73a92645cf13eded8d257ed48afc2a4"}, {"url": "https://git.kernel.org/stable/c/973a57891608a98e894db2887f278777f564de18"}], "title": "usb: gadget: core: Check for unset descriptor", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-44960", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:39:50.689815Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:33:35.969Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-44960", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:39:50.689815Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:27.583Z"}}], "cna": {"title": "usb: gadget: core: Check for unset descriptor", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d1c188d330ca", "lessThan": "ba15815dd24c", "versionType": "git"}, {"status": "affected", "version": "54f83b8c8ea9", "lessThan": "df8e734ae5e6", "versionType": "git"}, {"status": "affected", "version": "54f83b8c8ea9", "lessThan": "7cc9ebcfe58b", "versionType": "git"}, {"status": "affected", "version": "54f83b8c8ea9", "lessThan": "50c5248b0ea8", "versionType": "git"}, {"status": "affected", "version": "54f83b8c8ea9", "lessThan": "a0362cd6e503", "versionType": "git"}, {"status": "affected", "version": "54f83b8c8ea9", "lessThan": "1a9df57d5745", "versionType": "git"}, {"status": "affected", "version": "54f83b8c8ea9", "lessThan": "716cba46f73a", "versionType": "git"}, {"status": "affected", "version": "54f83b8c8ea9", "lessThan": "973a57891608", "versionType": "git"}], "programFiles": ["drivers/usb/gadget/udc/core.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.4"}, {"status": "unaffected", "version": "0", "lessThan": "5.4", "versionType": "custom"}, {"status": "unaffected", "version": "4.19.320", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.282", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.224", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.165", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.105", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.46", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.5", "versionType": "custom", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/usb/gadget/udc/core.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/ba15815dd24cc5ec0d23e2170dc58c7db1e03b4a"}, {"url": "https://git.kernel.org/stable/c/df8e734ae5e605348aa0ca2498aedb73e815f244"}, {"url": "https://git.kernel.org/stable/c/7cc9ebcfe58be22f18056ad8bc6272d120bdcb3e"}, {"url": "https://git.kernel.org/stable/c/50c5248b0ea8aae0529fdf28dac42a41312d3b62"}, {"url": "https://git.kernel.org/stable/c/a0362cd6e503278add954123957fd47990e8d9bf"}, {"url": "https://git.kernel.org/stable/c/1a9df57d57452b104c46c918569143cf21d7ebf1"}, {"url": "https://git.kernel.org/stable/c/716cba46f73a92645cf13eded8d257ed48afc2a4"}, {"url": "https://git.kernel.org/stable/c/973a57891608a98e894db2887f278777f564de18"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: Check for unset descriptor\n\nMake sure the descriptor has been set before looking at maxpacket.\nThis fixes a null pointer panic in this case.\n\nThis may happen if the gadget doesn't properly set up the endpoint\nfor the current speed, or the gadget descriptors are malformed and\nthe descriptor for the speed/endpoint are not found.\n\nNo current gadget driver is known to have this problem, but this\nmay cause a hard-to-find bug during development of new gadgets."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-09-15T17:55:59.770Z"}}}, "cveMetadata": {"cveId": "CVE-2024-44960", "state": "PUBLISHED", "dateUpdated": "2024-09-15T17:55:59.770Z", "dateReserved": "2024-08-21T05:34:56.666Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-09-04T18:35:58.469Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCEACD53-4C61-448A-951D-C3C645EF9D55", "versionEndExcluding": "3.16.80", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC33DDAB-9CF7-4452-99C6-58B6EB60F698", "versionEndExcluding": "4.4.199", "versionStartIncluding": "3.17", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DE008FD-9909-4CB8-8B1B-2C49DBB96702", "versionEndExcluding": "4.9.199", "versionStartIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA96BD97-C28E-407E-82EA-D9EE0428AEE5", "versionEndExcluding": "4.14.152", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3421D9CE-A117-4146-823F-2EC2FE3AD3E1", "versionEndExcluding": "4.19.320", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC19B2E4-2B1F-44F3-9944-91396EAC744D", "versionEndExcluding": "5.3.9", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "59820E9E-626E-45C5-9B78-D888139CB0BF", "versionEndExcluding": "5.4.282", "versionStartIncluding": "5.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CCEDF13-293D-4E64-B501-4409D0365AFE", "versionEndExcluding": "5.10.224", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E2B568-3171-41DE-B519-F2B1A3600D94", "versionEndExcluding": "5.15.165", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "89BEB24B-0F37-4C92-A397-564DA7CD8EE9", "versionEndExcluding": "6.1.105", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA11941E-81FB-484C-B583-881EEB488340", "versionEndExcluding": "6.6.46", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D074AE50-4A5E-499C-A2FD-75FD60DEA560", "versionEndExcluding": "6.10.5", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: Check for unset descriptor\n\nMake sure the descriptor has been set before looking at maxpacket.\nThis fixes a null pointer panic in this case.\n\nThis may happen if the gadget doesn't properly set up the endpoint\nfor the current speed, or the gadget descriptors are malformed and\nthe descriptor for the speed/endpoint are not found.\n\nNo current gadget driver is known to have this problem, but this\nmay cause a hard-to-find bug during development of new gadgets."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: core: Comprobar si hay un descriptor no configurado Aseg\u00farese de que el descriptor se haya configurado antes de consultar maxpacket. Esto soluciona un error de puntero nulo en este caso. Esto puede suceder si el gadget no configura correctamente el endpoint para la velocidad actual, o si los descriptores del gadget est\u00e1n mal formados y no se encuentra el descriptor para la velocidad/endpoint. No se conoce ning\u00fan controlador de gadget actual que tenga este problema, pero puede causar un error dif\u00edcil de encontrar durante el desarrollo de nuevos gadgets."}], "id": "CVE-2024-44960", "lastModified": "2024-10-04T16:44:05.497", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-09-04T19:15:30.700", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1a9df57d57452b104c46c918569143cf21d7ebf1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/50c5248b0ea8aae0529fdf28dac42a41312d3b62"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/716cba46f73a92645cf13eded8d257ed48afc2a4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7cc9ebcfe58be22f18056ad8bc6272d120bdcb3e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/973a57891608a98e894db2887f278777f564de18"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a0362cd6e503278add954123957fd47990e8d9bf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ba15815dd24cc5ec0d23e2170dc58c7db1e03b4a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/df8e734ae5e605348aa0ca2498aedb73e815f244"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: usb: gadget: core: Check for unset descriptor", "id": "2309791", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309791"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nusb: gadget: core: Check for unset descriptor\nMake sure the descriptor has been set before looking at maxpacket.\nThis fixes a null pointer panic in this case.\nThis may happen if the gadget doesn't properly set up the endpoint\nfor the current speed, or the gadget descriptors are malformed and\nthe descriptor for the speed/endpoint are not found.\nNo current gadget driver is known to have this problem, but this\nmay cause a hard-to-find bug during development of new gadgets."], "name": "CVE-2024-44960", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-09-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-44960\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-44960\nhttps://lore.kernel.org/linux-cve-announce/2024090413-CVE-2024-44960-039b@gregkh/T"], "threat_severity": "Moderate"}