CVE-2024-26997

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe	Patch
https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf	Patch
https://git.kernel.org/stable/c/55656b2afd5f1efcec4245f3e7e814c2a9ef53f6	Patch
https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1	Patch
https://git.kernel.org/stable/c/8a139fa44870e84ac228b7b76423a49610e5ba9a	Patch
https://git.kernel.org/stable/c/8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c	Patch
https://git.kernel.org/stable/c/9de10b59d16880a0a3ae2876c142fe54ce45d816	Patch
https://git.kernel.org/stable/c/eed04fa96c48790c1cce73c8a248e9d460b088f8	Patch
https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe	Patch
https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf	Patch
https://git.kernel.org/stable/c/55656b2afd5f1efcec4245f3e7e814c2a9ef53f6	Patch
https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1	Patch
https://git.kernel.org/stable/c/8a139fa44870e84ac228b7b76423a49610e5ba9a	Patch
https://git.kernel.org/stable/c/8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c	Patch
https://git.kernel.org/stable/c/9de10b59d16880a0a3ae2876c142fe54ce45d816	Patch
https://git.kernel.org/stable/c/eed04fa96c48790c1cce73c8a248e9d460b088f8	Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html	Third Party Advisory Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html	Third Party Advisory Mailing List

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:4.19.312:::::::*
	cpe:2.3:o:linux:linux_kernel:5.4.274:::::::*
	cpe:2.3:o:linux:linux_kernel:5.10.215:::::::*
	cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc4::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

23 Dec 2025, 00:46

Type	Values Removed	Values Added
First Time		Linux Debian Debian debian Linux Linux linux Kernel
CWE		CWE-476
CPE		cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:o:linux:linux_kernel:6.9:rc3:::::: cpe:2.3:o:linux:linux_kernel:5.4.274:::::::* cpe:2.3:o:linux:linux_kernel:6.9:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.10.215:::::::* cpe:2.3:o:linux:linux_kernel:4.19.312:::::::* cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::
References	~~() https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe -~~	() https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe - Patch
References	~~() https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf -~~	() https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf - Patch
References	~~() https://git.kernel.org/stable/c/55656b2afd5f1efcec4245f3e7e814c2a9ef53f6 -~~	() https://git.kernel.org/stable/c/55656b2afd5f1efcec4245f3e7e814c2a9ef53f6 - Patch
References	~~() https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1 -~~	() https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1 - Patch
References	~~() https://git.kernel.org/stable/c/8a139fa44870e84ac228b7b76423a49610e5ba9a -~~	() https://git.kernel.org/stable/c/8a139fa44870e84ac228b7b76423a49610e5ba9a - Patch
References	~~() https://git.kernel.org/stable/c/8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c -~~	() https://git.kernel.org/stable/c/8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c - Patch
References	~~() https://git.kernel.org/stable/c/9de10b59d16880a0a3ae2876c142fe54ce45d816 -~~	() https://git.kernel.org/stable/c/9de10b59d16880a0a3ae2876c142fe54ce45d816 - Patch
References	~~() https://git.kernel.org/stable/c/eed04fa96c48790c1cce73c8a248e9d460b088f8 -~~	() https://git.kernel.org/stable/c/eed04fa96c48790c1cce73c8a248e9d460b088f8 - Patch
References	~~() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -~~	() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html - Third Party Advisory, Mailing List
References	~~() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -~~	() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Third Party Advisory, Mailing List
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

21 Nov 2024, 09:03

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html - () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -
References	~~() https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe -~~	() https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe -
References	~~() https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf -~~	() https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf -
References	~~() https://git.kernel.org/stable/c/55656b2afd5f1efcec4245f3e7e814c2a9ef53f6 -~~	() https://git.kernel.org/stable/c/55656b2afd5f1efcec4245f3e7e814c2a9ef53f6 -
References	~~() https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1 -~~	() https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1 -
References	~~() https://git.kernel.org/stable/c/8a139fa44870e84ac228b7b76423a49610e5ba9a -~~	() https://git.kernel.org/stable/c/8a139fa44870e84ac228b7b76423a49610e5ba9a -
References	~~() https://git.kernel.org/stable/c/8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c -~~	() https://git.kernel.org/stable/c/8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c -
References	~~() https://git.kernel.org/stable/c/9de10b59d16880a0a3ae2876c142fe54ce45d816 -~~	() https://git.kernel.org/stable/c/9de10b59d16880a0a3ae2876c142fe54ce45d816 -
References	~~() https://git.kernel.org/stable/c/eed04fa96c48790c1cce73c8a248e9d460b088f8 -~~	() https://git.kernel.org/stable/c/eed04fa96c48790c1cce73c8a248e9d460b088f8 -

05 Nov 2024, 10:16

Type	Values Removed	Values Added
References	~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~

27 Jun 2024, 13:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -

25 Jun 2024, 22:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -

03 May 2024, 06:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe - () https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf - () https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1 -
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: usb: dwc2: host: solucionó el problema de desreferencia en el flujo de finalización de DDMA. Se solucionó el problema de desreferencia variable en el flujo de finalización de DDMA.

01 May 2024, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-01 06:15

Updated : 2025-12-23 00:46

NVD link : CVE-2024-26997

Mitre link : CVE-2024-26997

CVE.ORG link : CVE-2024-26997

JSON object : View

Products Affected

debian

debian_linux

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10