CVE-2024-50269
Published: Nov 19, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: usb: musb: sunxi: Fix accessing an released usb phy Commit 6ed05c68cbca ("usb: musb: sunxi: Explicitly release USB PHY on exit") will cause that usb phy @glue->xceiv is accessed after released. 1) register platform driver @sunxi_musb_driver // get the usb phy @glue->xceiv sunxi_musb_probe() -> devm_usb_get_phy(). 2) register and unregister platform driver @musb_driver musb_probe() -> sunxi_musb_init() use the phy here //the phy is released here musb_remove() -> sunxi_musb_exit() -> devm_usb_put_phy() 3) register @musb_driver again musb_probe() -> sunxi_musb_init() use the phy here but the phy has been released at 2). ... Fixed by reverting the commit, namely, removing devm_usb_put_phy() from sunxi_musb_exit().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 6ed05c68cbcae42cd52b8e53b66952bfa9c002ce - < 721ddad945596220c123eb6f7126729fe277ee4faffected 6ed05c68cbcae42cd52b8e53b66952bfa9c002ce - < 4aa77d5ea9944468e16c3eed15e858fd5de44de1affected 6ed05c68cbcae42cd52b8e53b66952bfa9c002ce - < 6e2848d1c8c0139161e69ac0a94133e90e9988e8affected 6ed05c68cbcae42cd52b8e53b66952bfa9c002ce - < 63559ba8077cbadae1c92a65b73ea522bf377dd9affected 6ed05c68cbcae42cd52b8e53b66952bfa9c002ce - < ccd811c304d2ee56189bfbc49302cb3c44361893+9 more versions |
Linux | Linux | affected 4.14unaffected 0 - < 4.14unaffected 4.19.324 - <= 4.19.*unaffected 5.4.286 - <= 5.4.*unaffected 5.10.230 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now