PT-2024-3407 · Linux+5 · Linux Kernel+5

Frank Li · Published 2024-02-19 · Updated 2025-02-08 · CVE-2024-26748

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is a double free vulnerability in the Linux kernel's USB Cadence driver. When handling a zero packet, the driver appends an additional zero packet request, which leads to a double free condition. This occurs because the usb_gadget_giveback_request() function frees the request, and then the cdns3_gadget_ep_free_request() function attempts to free the same request again. The vulnerability can potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Weakness Enumeration

Related Identifiers

BDU:2024-03679
CVE-2024-26748
DLA-3842-1
DSA-5658-1
DSA-5681-1
OESA-2025-1095
OESA-2025-1096
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2190-1
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6831-1
USN-6867-1
USN-6871-1
USN-6892-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1
USN-6919-1

Affected Products

Astra Linux
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu