CVE-2024-38565

CVE Details

Release Date:2024-06-19

Description


In the Linux kernel, the following vulnerability has been resolved:\nwifi: ar5523: enable proper endpoint verification\nSyzkaller reports [1] hitting a warning about an endpoint in use\nnot having an expected type to it.\nFix the issue by checking for the existence of all proper\nendpoints with their according types intact.\nSadly, this patch has not been tested on real hardware.\n[1] Syzkaller report:\n------------[ cut here ]------------\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 3643 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n\nar5523_cmd+0x41b/0x780 drivers/net/wireless/ath/ar5523/ar5523.c:275\nar5523_cmd_read drivers/net/wireless/ath/ar5523/ar5523.c:302 [inline]\nar5523_host_available drivers/net/wireless/ath/ar5523/ar5523.c:1376 [inline]\nar5523_probe+0x14b0/0x1d10 drivers/net/wireless/ath/ar5523/ar5523.c:1655\nusb_probe_interface+0x30f/0x7f0 drivers/usb/core/driver.c:396\ncall_driver_probe drivers/base/dd.c:560 [inline]\nreally_probe+0x249/0xb90 drivers/base/dd.c:639\n__driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\ndriver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n__device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\nbus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n__device_attach+0x1e4/0x530 drivers/base/dd.c:1008\nbus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\ndevice_add+0xbd9/0x1e90 drivers/base/core.c:3517\nusb_set_configuration+0x101d/0x1900 drivers/usb/core/message.c:2170\nusb_generic_driver_probe+0xbe/0x100 drivers/usb/core/generic.c:238\nusb_probe_device+0xd8/0x2c0 drivers/usb/core/driver.c:293\ncall_driver_probe drivers/base/dd.c:560 [inline]\nreally_probe+0x249/0xb90 drivers/base/dd.c:639\n__driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\ndriver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n__device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\nbus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n__device_attach+0x1e4/0x530 drivers/base/dd.c:1008\nbus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\ndevice_add+0xbd9/0x1e90 drivers/base/core.c:3517\nusb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573\nhub_port_connect drivers/usb/core/hub.c:5353 [inline]\nhub_port_connect_change drivers/usb/core/hub.c:5497 [inline]\nport_event drivers/usb/core/hub.c:5653 [inline]\nhub_event+0x26cb/0x45d0 drivers/usb/core/hub.c:5735\nprocess_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\nworker_thread+0x669/0x1090 kernel/workqueue.c:2436\nkthread+0x2e8/0x3a0 kernel/kthread.c:376\nret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n

See more information about CVE-2024-38565 from MITRE CVE dictionary and NIST NVD


CVSS Scoring


NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.

Base Score: 4.4 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local network Attack Complexity: Low
Privileges Required: High User Interaction: None
Scope: Unchanged Confidentiality Impact: None
Integrity Impact: None Availability Impact: High

Errata information


PlatformErrataRelease Date
Oracle Linux version 7 (kernel-uek)ELSA-2024-125812024-08-12
Oracle Linux version 7 (kernel-uek)ELSA-2024-126112024-09-11
Oracle Linux version 7 (kernel-uek-container)ELSA-2024-125852024-08-12
Oracle Linux version 8 (kernel-uek)ELSA-2024-125812024-08-12
Oracle Linux version 8 (kernel-uek-container)ELSA-2024-125842024-08-12


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete