CVE-2024-50075

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/9c696bf4ab54c7cec81221887564305f0ceeac0a", "name": "https://git.kernel.org/stable/c/9c696bf4ab54c7cec81221887564305f0ceeac0a", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/c46555f14b71f95a447f5d49fc3f1f80a1472da2", "name": "https://git.kernel.org/stable/c/c46555f14b71f95a447f5d49fc3f1f80a1472da2", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/7d381137cb6ecf558ef6698c7730ddd482d4c8f2", "name": "https://git.kernel.org/stable/c/7d381137cb6ecf558ef6698c7730ddd482d4c8f2", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: tegra: fix checked USB2 port number\n\nIf USB virtualizatoin is enabled, USB2 ports are shared between all\nVirtual Functions. The USB2 port number owned by an USB2 root hub in\na Virtual Function may be less than total USB2 phy number supported\nby the Tegra XUSB controller.\n\nUsing total USB2 phy number as port number to check all PORTSC values\nwould cause invalid memory access.\n\n[ 116.923438] Unable to handle kernel paging request at virtual address 006c622f7665642f\n...\n[ 117.213640] Call trace:\n[ 117.216783] tegra_xusb_enter_elpg+0x23c/0x658\n[ 117.222021] tegra_xusb_runtime_suspend+0x40/0x68\n[ 117.227260] pm_generic_runtime_suspend+0x30/0x50\n[ 117.232847] __rpm_callback+0x84/0x3c0\n[ 117.237038] rpm_suspend+0x2dc/0x740\n[ 117.241229] pm_runtime_work+0xa0/0xb8\n[ 117.245769] process_scheduled_works+0x24c/0x478\n[ 117.251007] worker_thread+0x23c/0x328\n[ 117.255547] kthread+0x104/0x1b0\n[ 117.259389] ret_from_fork+0x10/0x20\n[ 117.263582] Code: 54000222 f9461ae8 f8747908 b4ffff48 (f9400100)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-50075", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-10-29T01:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.11.5", "versionStartIncluding": "6.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.58", "versionStartIncluding": "6.3"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-11-01T15:51Z"}