U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2024-42226

Change History

CVE Modified by kernel.org 8/12/2024 9:38:33 AM

Action Type Old Value New Value
Removed CPE Configuration 
OR
     
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.6.40 from (excluding) 6.9.9
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.1.99 from (excluding) 6.6.39
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (excluding) 6.1.98
 

								
								
					

					

						Removed
						CVSS V3.1
						
							
							
								
							
								
NIST AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						CWE
						
							
							
								
							
								
NIST CWE-476

								
							
							
								
							
						
								
							
								

								
								
					

					

						Changed
						Description
						
							
							
								
							
								
In the Linux kernel, the following vulnerability has been resolved:

usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB

Some transfer events don't always point to a TRB, and consequently don't
have a endpoint ring. In these cases, function handle_tx_event() should
not proceed, because if 'ep->skip' is set, the pointer to the endpoint
ring is used.

To prevent a potential failure and make the code logical, return after
checking the completion code for a Transfer event without TRBs.

								
							
							
								
							
						
								
							
								
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/1f4a10cb826fdec5cd442df010bcb3043bfd6464

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/66cb618bf0bb82859875b00eeffaf223557cb416

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/69bed24c82139bbad0a78a075e1834a2ea7bd064

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/948554f1bb16e15b90006c109c3a558c66d4c4ac

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/9a24eb8010c2dc6a2eba56e3eb9fc07d14ffe00a

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/c0ee01e8ba19ff7edc98f68a114d4789faa219b9

								
							
							
								
							
						
								
							
								

								
								
					

				
			




		

	
		

			 
			

				CVE Rejected by kernel.org 8/12/2024 9:38:33 AM
			



			

				 
					

						Action
						Type
						Old Value
						New Value
					

				
				
					
				
			




		

	
		

			 
			

				CVE Translated by kernel.org 8/12/2024 9:38:33 AM
			



			

				 
					

						Action
						Type
						Old Value
						New Value
					

				
				
					

						Removed
						Translation
						
							
							
								
							
								
Title: kernel de Linux
Description: En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: xhci: evita posibles fallos en handle_tx_event() para eventos de transferencia sin TRB Algunos eventos de transferencia no siempre apuntan a un TRB y, en consecuencia, no tienen un anillo de endpoint. En estos casos, la función handle_tx_event() no debe continuar, porque si se establece 'ep->skip', se utiliza el puntero al anillo del endpoint. Para evitar una posible falla y hacer que el código sea lógico, regrese después de verificar el código de finalización para un evento de Transferencia sin TRB.