CVE-2024-46719

Updated: 2024-09-21 05:04:06.256298

Description:

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, ucsi_register_displayport returns NULL which causes a NULL pointer dereference in trace. Rather than return NULL, call typec_port_register_altmode to register DisplayPort alternate mode as a non-controllable mode when CONFIG_TYPEC_DP_ALTMODE is not enabled.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-23 05:22:37
AlmaLinux 9.2 FIPS kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-23 05:22:37
CentOS 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-23 05:22:37
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-23 05:22:35
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-23 05:22:37
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-23 05:22:37
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-23 05:22:35
CloudLinux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-23 05:22:37
CloudLinux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-23 05:22:35
Oracle Linux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-23 05:22:35
Total: 14