CVE-2024-26997

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26997
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26997.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-26997
Downstream
Related
Published
2024-05-01T05:28:21Z
Modified
2025-10-15T11:13:29.595100Z
Summary
usb: dwc2: host: Fix dereference issue in DDMA completion flow.
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc2: host: Fix dereference issue in DDMA completion flow.

Fixed variable dereference issue in DDMA completion flow.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dca1dc1e99e09e7b8eaccb55d6aecb87d9cb8ecd
Fixed
257d313e37d66c3bcc87197fb5b8549129c45dfe
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
693bbbccd9c774adacaf03ae9fcbb33b66b1ffc4
Fixed
75bf5e78b2a27cb1bca6fa826e3ab685015165e1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
db4fa0c8e811676a7bfe8363a01e70ee601e75f7
Fixed
26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
32d3f2f108ebcaf9bd9fc06095c776cb73add034
Fixed
8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
bc48eb1b53ce977d17d51caa574bd81064a117a2
Fixed
9de10b59d16880a0a3ae2876c142fe54ce45d816
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8d310e5d702c903a7ac95fb5dd248f046b39db00
Fixed
8a139fa44870e84ac228b7b76423a49610e5ba9a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8b7c57ab6f6bc6bfee87e929cab6e6dac351606b
Fixed
55656b2afd5f1efcec4245f3e7e814c2a9ef53f6
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b258e42688501cadb1a6dd658d6f015df9f32d8f
Fixed
eed04fa96c48790c1cce73c8a248e9d460b088f8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c4046e703e0083c8d2031cce02f2479e9ba2c166

Affected versions

v4.*

v4.19.312

v5.*

v5.10.215
v5.15.154
v5.15.155
v5.15.156
v5.4.274

v6.*

v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.7.12
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.9-rc2

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2024-26997-1175d53a",
            "signature_type": "Line",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "54230474353352991071181597645089388188",
                    "160223828386511279482474769349007820369",
                    "140530197565700602401989741713318750878",
                    "123289620800154187452173426559397928412",
                    "28762760459222696123350072873070936487",
                    "214138006071824913732196648532102142163",
                    "148011018912432840584144120793512918037",
                    "320680289226948202910117773845073645976"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75bf5e78b2a27cb1bca6fa826e3ab685015165e1"
        },
        {
            "id": "CVE-2024-26997-341f6ebe",
            "signature_type": "Line",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "54230474353352991071181597645089388188",
                    "160223828386511279482474769349007820369",
                    "140530197565700602401989741713318750878",
                    "123289620800154187452173426559397928412",
                    "28762760459222696123350072873070936487",
                    "214138006071824913732196648532102142163",
                    "148011018912432840584144120793512918037",
                    "320680289226948202910117773845073645976"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8a139fa44870e84ac228b7b76423a49610e5ba9a"
        },
        {
            "id": "CVE-2024-26997-3a8d709d",
            "signature_type": "Function",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c",
                "function": "dwc2_cmpl_host_isoc_dma_desc"
            },
            "signature_version": "v1",
            "digest": {
                "length": 1388.0,
                "function_hash": "157070941555293818501572003867155829566"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9de10b59d16880a0a3ae2876c142fe54ce45d816"
        },
        {
            "id": "CVE-2024-26997-433ce9d2",
            "signature_type": "Line",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "54230474353352991071181597645089388188",
                    "160223828386511279482474769349007820369",
                    "140530197565700602401989741713318750878",
                    "123289620800154187452173426559397928412",
                    "28762760459222696123350072873070936487",
                    "214138006071824913732196648532102142163",
                    "148011018912432840584144120793512918037",
                    "320680289226948202910117773845073645976"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf"
        },
        {
            "id": "CVE-2024-26997-46e87106",
            "signature_type": "Function",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c",
                "function": "dwc2_cmpl_host_isoc_dma_desc"
            },
            "signature_version": "v1",
            "digest": {
                "length": 1388.0,
                "function_hash": "157070941555293818501572003867155829566"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@257d313e37d66c3bcc87197fb5b8549129c45dfe"
        },
        {
            "id": "CVE-2024-26997-6b1f4fc4",
            "signature_type": "Function",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c",
                "function": "dwc2_cmpl_host_isoc_dma_desc"
            },
            "signature_version": "v1",
            "digest": {
                "length": 1388.0,
                "function_hash": "157070941555293818501572003867155829566"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8a139fa44870e84ac228b7b76423a49610e5ba9a"
        },
        {
            "id": "CVE-2024-26997-87a404d4",
            "signature_type": "Line",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "54230474353352991071181597645089388188",
                    "160223828386511279482474769349007820369",
                    "140530197565700602401989741713318750878",
                    "123289620800154187452173426559397928412",
                    "28762760459222696123350072873070936487",
                    "214138006071824913732196648532102142163",
                    "148011018912432840584144120793512918037",
                    "320680289226948202910117773845073645976"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9de10b59d16880a0a3ae2876c142fe54ce45d816"
        },
        {
            "id": "CVE-2024-26997-95d02a9e",
            "signature_type": "Line",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "54230474353352991071181597645089388188",
                    "160223828386511279482474769349007820369",
                    "140530197565700602401989741713318750878",
                    "123289620800154187452173426559397928412",
                    "28762760459222696123350072873070936487",
                    "214138006071824913732196648532102142163",
                    "148011018912432840584144120793512918037",
                    "320680289226948202910117773845073645976"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@257d313e37d66c3bcc87197fb5b8549129c45dfe"
        },
        {
            "id": "CVE-2024-26997-d75bf6ad",
            "signature_type": "Function",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c",
                "function": "dwc2_cmpl_host_isoc_dma_desc"
            },
            "signature_version": "v1",
            "digest": {
                "length": 1388.0,
                "function_hash": "157070941555293818501572003867155829566"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf"
        },
        {
            "id": "CVE-2024-26997-e49f169b",
            "signature_type": "Function",
            "target": {
                "file": "drivers/usb/dwc2/hcd_ddma.c",
                "function": "dwc2_cmpl_host_isoc_dma_desc"
            },
            "signature_version": "v1",
            "digest": {
                "length": 1388.0,
                "function_hash": "157070941555293818501572003867155829566"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75bf5e78b2a27cb1bca6fa826e3ab685015165e1"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.19.312
Fixed
4.19.313
Type
ECOSYSTEM
Events
Introduced
5.4.274
Fixed
5.4.275
Type
ECOSYSTEM
Events
Introduced
5.10.215
Fixed
5.10.216
Type
ECOSYSTEM
Events
Introduced
5.15.154
Fixed
5.15.157
Type
ECOSYSTEM
Events
Introduced
6.1.84
Fixed
6.1.88
Type
ECOSYSTEM
Events
Introduced
6.6.24
Fixed
6.6.29
Type
ECOSYSTEM
Events
Introduced
6.8.3
Fixed
6.8.8