CVE-2024-38628

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind. Hang on to the control IDs instead of pointers since those are correctly handled with locks.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464	Patch
https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0	Patch
https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09	Patch
https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068	Patch
https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464	Patch
https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0	Patch
https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09	Patch
https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-06-21 11:15

Updated : 2025-03-24 18:09

NVD link : CVE-2024-38628

Mitre link : CVE-2024-38628

CVE.ORG link : CVE-2024-38628

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

{"id": "CVE-2024-38628", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-06-21T11:15:11.660", "references": [{"url": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.\n\nHang on to the control IDs instead of pointers since those are correctly\nhandled with locks."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: u_audio: se corrigi\u00f3 el uso de los controles en condiciones de ejecuci\u00f3n despu\u00e9s de liberarse durante la desvinculaci\u00f3n del gadget. Conserve las ID de control en lugar de los punteros, ya que se manejan correctamente con candados."}], "lastModified": "2025-03-24T18:09:37.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69EFFE97-6207-45DC-9EF4-9E33788B91D4", "versionEndExcluding": "6.1.93", "versionStartIncluding": "5.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCE796DF-3B50-4DC6-BAE5-95271068FC9E", "versionEndExcluding": "6.6.33", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "991B9791-966A-4D18-9E8D-A8AB128E5627", "versionEndExcluding": "6.9.4", "versionStartIncluding": "6.7"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}