CVE-2024-38628

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind. Hang on to the control IDs instead of pointers since those are correctly handled with locks.

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464	Patch
https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464	Patch
https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0	Patch
https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0	Patch
https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09	Patch
https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09	Patch
https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068	Patch
https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

24 Mar 2025, 18:09

Type	Values Removed	Values Added
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel::::::::
References	~~() https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0 -~~	() https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0 - Patch
References	~~() https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068 -~~	() https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068 - Patch
References	~~() https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464 -~~	() https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464 - Patch
References	~~() https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09 -~~	() https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09 - Patch

21 Jun 2024, 11:22

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-21 11:15

Updated : 2025-03-24 18:09

NVD link : CVE-2024-38628

Mitre link : CVE-2024-38628

JSON object : View

Products Affected

linux

linux_kernel

CWE

No CWE.

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464", "name": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464", "name": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0", "name": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0", "name": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09", "name": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09", "name": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068", "name": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068", "name": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.\n\nHang on to the control IDs instead of pointers since those are correctly\nhandled with locks."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-38628", "ASSIGNER": "cve@kernel.org"}}, "impact": {}, "publishedDate": "2024-06-21T11:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.33", "versionStartIncluding": "6.2"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.9.4", "versionStartIncluding": "6.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.1.93", "versionStartIncluding": "5.15"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-03-24T18:09Z"}