CVE-2024-47671

USB: usbtmc: prevent kernel-usb-infoleak

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

USB: usbtmc: prevent kernel-usb-infoleak

The syzbot reported a kernel-usb-infoleak in usbtmc_write,
we need to clear the structure before filling fields.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-09-30 CVE Reserved
2024-10-09 CVE Published
2024-10-09 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/ba6269e187aa1b1f20faf3c458831a0d6350304b	2024-09-30
https://git.kernel.org/stable/c/51297ef7ad7824ad577337f273cd092e81a9fa08	2024-09-30
https://git.kernel.org/stable/c/e872738e670ddd63e19f22d0d784f0bdf26ecba5	2024-09-30
https://git.kernel.org/stable/c/6c7fc36da021b13c34c572a26ba336cd102418f8	2024-09-30
https://git.kernel.org/stable/c/625fa77151f00c1bd00d34d60d6f2e710b3f9aad	2024-09-11

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.1.112 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.1.112"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.6.53 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.6.53"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.10.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.10.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.11.1 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.11.1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.12-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.12-rc1"		en		Affected