CVE-2024-26659

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the xHCI driver in the Linux kernel, which incorrectly handles isoc Babble and Buffer Overrun events. Specifically, when the xHC reports an error on one of the early TRBs, the driver assumes that the xHC has released its ownership of the multi-TRB TD and releases the TD, allowing the remaining TRBs to be freed or overwritten by new TDs. This can result in a "Transfer event TRB DMA ptr not part of current TD" error message. The issue is resolved by reusing the logic for processing isoc Transaction Errors, which also handles hosts that fail to report the final completion. Additionally, the transfer length reporting on Babble errors is fixed, as these errors may be caused by device malfunction and there is no guarantee that the buffer has been filled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.