{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-46836", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-09-11T15:12:18.287Z", "datePublished": "2024-09-27T12:39:32.432Z", "dateUpdated": "2024-11-05T09:47:34.095Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:47:34.095Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed_udc: validate endpoint index for ast udc\n\nWe should verify the bound of the array to assure that host\nmay not manipulate the index to point past endpoint array.\n\nFound by static analysis."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/usb/gadget/udc/aspeed_udc.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "31bd4fab49c0", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "b2a50ffdd1a0", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6fe9ca2ca389", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "ee0d382feb44", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/usb/gadget/udc/aspeed_udc.c"], "versions": [{"version": "6.1.110", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.51", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.10", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/31bd4fab49c0adc6228848357c1b1df9395858af"}, {"url": "https://git.kernel.org/stable/c/b2a50ffdd1a079869a62198a8d1441355c513c7c"}, {"url": "https://git.kernel.org/stable/c/6fe9ca2ca389114c8da66e534c18273497843e8a"}, {"url": "https://git.kernel.org/stable/c/ee0d382feb44ec0f445e2ad63786cd7f3f6a8199"}], "title": "usb: gadget: aspeed_udc: validate endpoint index for ast udc", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-29T14:03:16.763459Z", "id": "CVE-2024-46836", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-29T14:03:21.656Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-46836", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-29T14:03:16.763459Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-29T14:03:17.927Z"}}], "cna": {"title": "usb: gadget: aspeed_udc: validate endpoint index for ast udc", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "31bd4fab49c0", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "b2a50ffdd1a0", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "6fe9ca2ca389", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "ee0d382feb44", "versionType": "git"}], "programFiles": ["drivers/usb/gadget/udc/aspeed_udc.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "6.1.110", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.51", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.10", "versionType": "semver", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/usb/gadget/udc/aspeed_udc.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/31bd4fab49c0adc6228848357c1b1df9395858af"}, {"url": "https://git.kernel.org/stable/c/b2a50ffdd1a079869a62198a8d1441355c513c7c"}, {"url": "https://git.kernel.org/stable/c/6fe9ca2ca389114c8da66e534c18273497843e8a"}, {"url": "https://git.kernel.org/stable/c/ee0d382feb44ec0f445e2ad63786cd7f3f6a8199"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed_udc: validate endpoint index for ast udc\n\nWe should verify the bound of the array to assure that host\nmay not manipulate the index to point past endpoint array.\n\nFound by static analysis."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:47:34.095Z"}}}, "cveMetadata": {"cveId": "CVE-2024-46836", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:47:34.095Z", "dateReserved": "2024-09-11T15:12:18.287Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-09-27T12:39:32.432Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B07FE1B-3332-4F75-AABA-811FFB530187", "versionEndExcluding": "6.1.110", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4529134-BAC4-4776-840B-304009E181A0", "versionEndExcluding": "6.6.51", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED", "versionEndExcluding": "6.10.10", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed_udc: validate endpoint index for ast udc\n\nWe should verify the bound of the array to assure that host\nmay not manipulate the index to point past endpoint array.\n\nFound by static analysis."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: aspeed_udc: validar \u00edndice de endpoint para ast udc Debemos verificar el l\u00edmite de la matriz para asegurarnos de que el host no pueda manipular el \u00edndice para que apunte m\u00e1s all\u00e1 de la matriz de endpoints. Se encontr\u00f3 mediante an\u00e1lisis est\u00e1tico."}], "id": "CVE-2024-46836", "lastModified": "2024-10-09T15:47:55.187", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-09-27T13:15:15.780", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/31bd4fab49c0adc6228848357c1b1df9395858af"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6fe9ca2ca389114c8da66e534c18273497843e8a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b2a50ffdd1a079869a62198a8d1441355c513c7c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ee0d382feb44ec0f445e2ad63786cd7f3f6a8199"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-129"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: usb: gadget: aspeed_udc: validate endpoint index for ast udc", "id": "2315188", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315188"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nusb: gadget: aspeed_udc: validate endpoint index for ast udc\nWe should verify the bound of the array to assure that host\nmay not manipulate the index to point past endpoint array.\nFound by static analysis."], "name": "CVE-2024-46836", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-09-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-46836\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-46836\nhttps://lore.kernel.org/linux-cve-announce/2024092753-CVE-2024-46836-acff@gregkh/T"], "threat_severity": "Moderate"}