CVE-2024-26651

sr9800: Add check for usbnet_get_endpoints

Severity Score

6.2

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnet_get_endpoints Add check for usbnet_get_endpoints() and return the error if it fails
in order to transfer the error.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: sr9800: Agregar verificación para usbnet_get_endpoints Agregar verificación para usbnet_get_endpoints() y devolver el error si falla para transferir el error.

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-03-27 CVE Published
2024-12-19 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (12)

URL	Tag	Source
https://git.kernel.org/stable/c/19a38d8e0aa33b4f4d11d3b4baa902ad169daa80	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/424eba06ed405d557077339edb19ce0ebe39e7c7	2024-03-26
https://git.kernel.org/stable/c/8a8b6a24684bc278036c3f159f7b3a31ad89546a	2024-03-26
https://git.kernel.org/stable/c/6b4a39acafaf0186ed8e97c16e0aa6fca0e52009	2024-03-26
https://git.kernel.org/stable/c/276873ae26c8d75b00747c1dadb9561d6ef20581	2024-03-26
https://git.kernel.org/stable/c/9c402819620a842cbfe39359a3ddfaac9adc8384	2024-03-26
https://git.kernel.org/stable/c/e39a3a14eafcf17f03c037290b78c8f483529028	2024-03-26
https://git.kernel.org/stable/c/efba65777f98457773c5b65e3135c6132d3b015f	2024-03-26
https://git.kernel.org/stable/c/f546cc19f9b82975238d0ba413adc27714750774	2024-03-26
https://git.kernel.org/stable/c/07161b2416f740a2cb87faa5566873f401440a61	2024-03-07

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 4.19.311 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 4.19.311"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.4.273 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.4.273"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.10.214 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.10.214"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.15.153 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.15.153"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.1.83 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.1.83"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.6.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.6.23"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.7.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.7.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.8.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.8.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.9"		en		Affected