CVE-2024-26747

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-26747

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26747.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-26747

Downstream

BELL-CVE-2024-26747

DEBIAN-CVE-2024-26747

DLA-3842-1

DSA-5681-1

OESA-2025-1095

OESA-2025-1096

SUSE-SU-2024:1490-1

SUSE-SU-2024:1643-1

SUSE-SU-2024:1646-1

SUSE-SU-2024:1659-1

SUSE-SU-2024:1663-1

SUSE-SU-2024:1870-1

UBUNTU-CVE-2024-26747

USN-6820-1

USN-6820-2

USN-6821-1

USN-6821-2

USN-6821-3

USN-6821-4

USN-6828-1

USN-6871-1

USN-6892-1

USN-6919-1

Related

Published

2024-04-03T17:15:51Z

Modified

2025-08-09T19:01:28Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

usb: roles: fix NULL pointer issue when put module's reference

In current design, usb role class driver will get usbroleswitch parent's module reference after the user get usbroleswitch device and put the reference after the user put the usbroleswitch device. However, the parent device of usbroleswitch may be removed before the user put the usbroleswitch. If so, then, NULL pointer issue will be met when the user put the parent module's reference.

This will save the module pointer in structure of usbroleswitch. Then, we don't need to find module by iterating long relations.

References

Affected packages