CVE-2024-26919
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/04/2024
Last modified:
16/09/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
usb: ulpi: Fix debugfs directory leak<br />
<br />
The ULPI per-device debugfs root is named after the ulpi device&#39;s<br />
parent, but ulpi_unregister_interface tries to remove a debugfs<br />
directory named after the ulpi device itself. This results in the<br />
directory sticking around and preventing subsequent (deferred) probes<br />
from succeeding. Change the directory name to match the ulpi device.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.18 (including) | 6.1.79 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.18 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.6 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/330d22aba17a4d30a56f007d0f51291d7e00862b
- https://git.kernel.org/stable/c/33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3
- https://git.kernel.org/stable/c/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368
- https://git.kernel.org/stable/c/d31b886ed6a5095214062ee4fb55037eb930adb6
- https://git.kernel.org/stable/c/330d22aba17a4d30a56f007d0f51291d7e00862b
- https://git.kernel.org/stable/c/33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3
- https://git.kernel.org/stable/c/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368
- https://git.kernel.org/stable/c/d31b886ed6a5095214062ee4fb55037eb930adb6