CVE-2024-50268
Published: Nov 19, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()

The "*cmd" variable can be controlled by the user via debugfs. That means "new_cam" can be as high as 255 while the size of the uc->updated[] array is UCSI_MAX_ALTMODES (30).

The call tree is:

```
ucsi_cmd() // val comes from simple_attr_write_xsigned()
-> ucsi_send_command()
   -> ucsi_send_command_common()
      -> ucsi_run_command() // calls ucsi->ops->sync_control()
         -> ucsi_ccg_sync_control()
```
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 170a6726d0e266f2c8f306e3d61715c32f4ee41e - < d76923164705821aa1b01b8d9d1741f20c654ab4; affected 170a6726d0e266f2c8f306e3d61715c32f4ee41e - < 8f47984b35f3be0cfc652c2ca358d5768ea3456b; affected 170a6726d0e266f2c8f306e3d61715c32f4ee41e - < 604314ecd682913925980dc955caea2d036eab5f; affected 170a6726d0e266f2c8f306e3d61715c32f4ee41e - < 69e19774f15e12dda6c6c58001d059e30895009b; affected 170a6726d0e266f2c8f306e3d61715c32f4ee41e - < 3a2ba841659a0f15102585120dea75d8d5209616; +1 more versions |
| Linux | Linux | affected 5.6; unaffected 0 - < 5.6; unaffected 5.10.230 - <= 5.10.*; unaffected 5.15.172 - <= 5.15.*; unaffected 6.1.117 - <= 6.1.*; +3 more versions |
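
A user-space C model of the bounds problem the description states, added here as an illustration and not taken from the kernel source or the fix commit. The struct layout, the bit position of the index byte and the function names are assumptions; only UCSI_MAX_ALTMODES (30) and the 0..255 index range come from the description.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define UCSI_MAX_ALTMODES 30   /* size of uc->updated[] per the description */
#define NEW_CAM_SHIFT     24   /* assumption: bit position of the index byte */

/* Hypothetical stand-in for one entry of uc->updated[]. */
struct altmode { uint8_t linked_idx; uint8_t active_idx; uint32_t mid; };

struct ccg_model {
    struct altmode updated[UCSI_MAX_ALTMODES];
};

/* The index is one byte of the user-supplied command, so it ranges 0..255. */
static uint8_t cmd_new_cam(uint64_t cmd)
{
    return (uint8_t)(cmd >> NEW_CAM_SHIFT);
}

/* Byte offset an unchecked updated[new_cam] access would touch (never dereferenced here). */
static size_t unchecked_offset(uint64_t cmd)
{
    return (size_t)cmd_new_cam(cmd) * sizeof(struct altmode);
}

/* Checked lookup: reject any index outside the array before using it. */
static int lookup_checked(const struct ccg_model *uc, uint64_t cmd, uint32_t *mid)
{
    uint8_t new_cam = cmd_new_cam(cmd);

    if (new_cam >= sizeof(uc->updated) / sizeof(uc->updated[0]))
        return -1;             /* out of range: do not index the array */
    *mid = uc->updated[new_cam].mid;
    return 0;
}

int main(void)
{
    static struct ccg_model uc;    /* zero-initialised sample state */
    uint64_t cmds[] = { 29ULL << NEW_CAM_SHIFT, 30ULL << NEW_CAM_SHIFT,
                        255ULL << NEW_CAM_SHIFT };   /* constructed inputs */
    uint32_t mid = 0;

    for (size_t i = 0; i < sizeof(cmds) / sizeof(cmds[0]); i++)
        printf("new_cam=%u offset=%zu array=%zu checked=%d\n",
               (unsigned)cmd_new_cam(cmds[i]), unchecked_offset(cmds[i]),
               sizeof(uc.updated), lookup_checked(&uc, cmds[i], &mid));
    return 0;
}
```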