Lucene search
LinuxVULNRICHMENT:CVE-2024-40903HistoryJul 12, 2024 - 12:20 p.m.
CVE-2024-40903 usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps
2024-07-1212:20:44
Linux
github.com
1
linux kernel
usb
type-c
tcpm
vulnerability
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps
There could be a potential use-after-free case in
tcpm_register_source_caps(). This could happen when:
- new (say invalid) source caps are advertised
- the existing source caps are unregistered
- tcpm_register_source_caps() returns with an error as
usb_power_delivery_register_capabilities() fails
This causes port->partner_source_caps to hold on to the now freed source
caps.
Reset port->partner_source_caps value to NULL after unregistering
existing source caps.
Related
nvd
nvd
CVE-2024-40903
2024-07-12 13:15:13
ubuntucve
ubuntucve
CVE-2024-40903
2024-07-12 00:00:00
osv
osv
CVE-2024-40903
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux-nvidia, linux-nvidia-lowlatency vulnerabilities
2024-09-12 13:47:54
cve
cve
CVE-2024-40903
2024-07-12 13:15:13
cvelist
cvelist
debiancve
debiancve
CVE-2024-40903
2024-07-12 13:15:13
redhatcve
redhatcve
CVE-2024-40903
2024-07-16 14:23:05
openvas
openvas
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00
nessus
nessus
Debian dsa-5731 : affs-modules-6.1.0-21-4kc-malta-di - security update
2024-07-16 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)
2024-09-11 00:00:00
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-40903