Red Hat: CVE-2024-40903: kernel: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (Multiple Advisories)

Red Hat: CVE-2024-40903: kernel: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (Multiple Advisories)

Severity

5

CVSS

(AV:L/AC:H/Au:M/C:P/I:P/A:C)

Published

07/12/2024

Created

12/06/2024

Added

12/05/2024

Modified

12/05/2024

Description

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps There could be a potential use-after-free case in tcpm_register_source_caps(). This could happen when: * new (say invalid) source caps are advertised * the existing source caps are unregistered * tcpm_register_source_caps() returns with an error as usb_power_delivery_register_capabilities() fails This causes port->partner_source_caps to hold on to the now freed source caps. Reset port->partner_source_caps value to NULL after unregistering existing source caps.

Solution(s)

• redhat-upgrade-kernel
• redhat-upgrade-kernel-rt

References

• CVE-2024-40903
• RHSA-2024:9315