5.5
MEDIUM
CVE-2024-57915
"Linux usb gadget: Null Pointer Vulnerability in u_serial"
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date: Jan. 19, 2025, 12:15 p.m.

Last Modified: Feb. 13, 2025, 4:16 p.m.

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable: No

Impact Score: 3.6

Exploitability Score: 1.8

Public PoC/Exploit Available at Github

CVE-2024-57915 has 1 public PoC/Exploit available on GitHub.

Affected Products

The following products are affected by the CVE-2024-57915 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID  Vendor  Product
1   Linux   linux_kernel

We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proofs of concept that have been published on GitHub (sorted by most recently updated).

DSA and DLA for Debian last 14 days

Python

Updated: 1 month ago
0 stars, 0 forks, 0 watchers
Born at: Feb. 12, 2025, 2:08 p.m. This repo has also been linked to 125 different CVEs.

Results are limited to the first 15 repositories due to potential performance issues.

The following list contains news articles that mention the CVE-2024-57915 vulnerability.

The following table lists the changes that have been made to the CVE-2024-57915 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 13, 2025

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 13, 2025

    Action Type Old Value New Value
    Changed Description
      Old Value:
        In the Linux kernel, the following vulnerability has been resolved:

        usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null

        Considering that in some extreme cases, when performing the unbinding operation, gserial_disconnect has cleared gser->ioport, which triggers gadget reconfiguration, and then calls gs_read_complete, resulting in access to a null pointer. Therefore, ep is disabled before gserial_disconnect sets port to null to prevent this from happening.

        Call trace:
          gs_read_complete+0x58/0x240
          usb_gadget_giveback_request+0x40/0x160
          dwc3_remove_requests+0x170/0x484
          dwc3_ep0_out_start+0xb0/0x1d4
          __dwc3_gadget_start+0x25c/0x720
          kretprobe_trampoline.cfi_jt+0x0/0x8
          kretprobe_trampoline.cfi_jt+0x0/0x8
          udc_bind_to_driver+0x1d8/0x300
          usb_gadget_probe_driver+0xa8/0x1dc
          gadget_dev_desc_UDC_store+0x13c/0x188
          configfs_write_iter+0x160/0x1f4
          vfs_write+0x2d0/0x40c
          ksys_write+0x7c/0xf0
          __arm64_sys_write+0x20/0x30
          invoke_syscall+0x60/0x150
          el0_svc_common+0x8c/0xf8
          do_el0_svc+0x28/0xa0
          el0_svc+0x24/0x84
      New Value:
        Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed CVSS V3.1 NIST: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
    Removed CWE NIST: CWE-476
    Removed CPE Configuration 3225683 Config Identifier: 0, OR
      *cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.12.10
      *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.6.72
      *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 2.6.27 up to (excluding) 6.1.125
    Removed Reference kernel.org: https://git.kernel.org/stable/c/0c50f00cc29948184af05bda31392fff5821f4f3
    Removed Reference kernel.org: https://git.kernel.org/stable/c/1062b648bff63ed62b2d47a045e08ea9741d98ea
    Removed Reference kernel.org: https://git.kernel.org/stable/c/13014969cbf07f18d62ceea40bd8ca8ec9d36cec
    Removed Reference kernel.org: https://git.kernel.org/stable/c/3d730e8758c75b68a0152ee1ac48a270ea6725b4
    Removed Reference kernel.org: https://git.kernel.org/stable/c/8e122d780a0f19aefd700dbd0b0e3ed3af0ae97f
    Removed Reference kernel.org: https://git.kernel.org/stable/c/d2de56cc45ee447f005d63217e84988b4f02faa9
    Removed Reference kernel.org: https://git.kernel.org/stable/c/f5f33fb57aae12e4b0add79e0242f458ea0bc510
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/0c50f00cc29948184af05bda31392fff5821f4f3 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/13014969cbf07f18d62ceea40bd8ca8ec9d36cec Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/3d730e8758c75b68a0152ee1ac48a270ea6725b4 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/8e122d780a0f19aefd700dbd0b0e3ed3af0ae97f Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/d2de56cc45ee447f005d63217e84988b4f02faa9 Types: Patch
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 02, 2025

    Action Type Old Value New Value
    Added Reference https://git.kernel.org/stable/c/1062b648bff63ed62b2d47a045e08ea9741d98ea
    Added Reference https://git.kernel.org/stable/c/f5f33fb57aae12e4b0add79e0242f458ea0bc510
  • Initial Analysis by [email protected]

    Jan. 31, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
    Added CWE NIST CWE-476
    Added CPE Configuration OR
      *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 2.6.27 up to (excluding) 6.1.125
      *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.6.72
      *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.12.10
      *cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*
      *cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*
    Changed Reference Type https://git.kernel.org/stable/c/0c50f00cc29948184af05bda31392fff5821f4f3 No Types Assigned https://git.kernel.org/stable/c/0c50f00cc29948184af05bda31392fff5821f4f3 Patch
    Changed Reference Type https://git.kernel.org/stable/c/13014969cbf07f18d62ceea40bd8ca8ec9d36cec No Types Assigned https://git.kernel.org/stable/c/13014969cbf07f18d62ceea40bd8ca8ec9d36cec Patch
    Changed Reference Type https://git.kernel.org/stable/c/3d730e8758c75b68a0152ee1ac48a270ea6725b4 No Types Assigned https://git.kernel.org/stable/c/3d730e8758c75b68a0152ee1ac48a270ea6725b4 Patch
    Changed Reference Type https://git.kernel.org/stable/c/8e122d780a0f19aefd700dbd0b0e3ed3af0ae97f No Types Assigned https://git.kernel.org/stable/c/8e122d780a0f19aefd700dbd0b0e3ed3af0ae97f Patch
    Changed Reference Type https://git.kernel.org/stable/c/d2de56cc45ee447f005d63217e84988b4f02faa9 No Types Assigned https://git.kernel.org/stable/c/d2de56cc45ee447f005d63217e84988b4f02faa9 Patch
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jan. 23, 2025

    Action Type Old Value New Value
    Added Reference https://git.kernel.org/stable/c/d2de56cc45ee447f005d63217e84988b4f02faa9
  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jan. 19, 2025

    Action Type Old Value New Value
    Added Description
      In the Linux kernel, the following vulnerability has been resolved:

      usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null

      Considering that in some extreme cases, when performing the unbinding operation, gserial_disconnect has cleared gser->ioport, which triggers gadget reconfiguration, and then calls gs_read_complete, resulting in access to a null pointer. Therefore, ep is disabled before gserial_disconnect sets port to null to prevent this from happening.

      Call trace:
        gs_read_complete+0x58/0x240
        usb_gadget_giveback_request+0x40/0x160
        dwc3_remove_requests+0x170/0x484
        dwc3_ep0_out_start+0xb0/0x1d4
        __dwc3_gadget_start+0x25c/0x720
        kretprobe_trampoline.cfi_jt+0x0/0x8
        kretprobe_trampoline.cfi_jt+0x0/0x8
        udc_bind_to_driver+0x1d8/0x300
        usb_gadget_probe_driver+0xa8/0x1dc
        gadget_dev_desc_UDC_store+0x13c/0x188
        configfs_write_iter+0x160/0x1f4
        vfs_write+0x2d0/0x40c
        ksys_write+0x7c/0xf0
        __arm64_sys_write+0x20/0x30
        invoke_syscall+0x60/0x150
        el0_svc_common+0x8c/0xf8
        do_el0_svc+0x28/0xa0
        el0_svc+0x24/0x84
    Added Reference https://git.kernel.org/stable/c/0c50f00cc29948184af05bda31392fff5821f4f3
    Added Reference https://git.kernel.org/stable/c/13014969cbf07f18d62ceea40bd8ca8ec9d36cec
    Added Reference https://git.kernel.org/stable/c/3d730e8758c75b68a0152ee1ac48a270ea6725b4
    Added Reference https://git.kernel.org/stable/c/8e122d780a0f19aefd700dbd0b0e3ed3af0ae97f
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. The following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-57915 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-57915 weaknesses.
