active/CVE-2024-26748


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: usb: cdns3: fix memory double free when handle zero packet
References:
Notes:
 carnil> Introduced in 7733f6c32e36 ("usb: cdns3: Add Cadence USB3 DRD Driver").
 carnil> Vulnerable versions: 5.4-rc1.
Bugs:
upstream: released (6.8-rc6) [5fd9e45f1ebcd57181358af28506e8a661a260b3]
6.7-upstream-stable: released (6.7.7) [92d20406a3d4ff3e8be667c79209dc9ed31df5b3]
6.6-upstream-stable: released (6.6.19) [70e8038813f9d3e72df966748ebbc40efe466019]
6.1-upstream-stable: released (6.1.80) [9a52b694b066f299d8b9800854a8503457a8b64c]
5.10-upstream-stable: released (5.10.211) [1e204a8e9eb514e22a6567fb340ebb47df3f3a48]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.7.7-1)
6.1-bookworm-security: released (6.1.82-1)
5.10-bullseye-security: needed
4.19-buster-security: N/A "Vulnerable code not present"