CVE-2024-35924: usb: typec: ucsi: Limit read size on v1.2
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: ucsi: Limit read size on v1.2
Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGEIN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2.
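A constructed C model of the rule the fix describes, added here and not the kernel driver's code: the mailbox struct, the function names and the 0x0120 version encoding are assumptions; only the 16- and 256-byte MESSAGE_IN sizes come from the advisory.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed constants: the two MESSAGE_IN sizes from the advisory and a
 * BCD-style value for UCSI 1.2 (the version encoding is an assumption). */
#define UCSI_VERSION_1_2      0x0120
#define UCSI_MSG_IN_LEN_V1_2  16
#define UCSI_MSG_IN_LEN_V2_0  256

/* The fix's rule: bound MESSAGE_IN reads by the version read at probe time. */
size_t ucsi_msg_in_max_len(uint16_t version)
{
    return version <= UCSI_VERSION_1_2 ? UCSI_MSG_IN_LEN_V1_2 : UCSI_MSG_IN_LEN_V2_0;
}

/* Constructed firmware mailbox: msg_in_len is the region really present. */
struct ucsi_mailbox {
    uint16_t version;
    size_t   msg_in_len;
    uint8_t  msg_in[UCSI_MSG_IN_LEN_V2_0];
};

static struct ucsi_mailbox make_mailbox(uint16_t version)
{
    struct ucsi_mailbox mb = { .version = version,
                               .msg_in_len = ucsi_msg_in_max_len(version) };
    for (size_t i = 0; i < mb.msg_in_len; i++)
        mb.msg_in[i] = (uint8_t)i;   /* constructed payload bytes */
    return mb;
}

/* Attempt a full 256-byte MESSAGE_IN read; clamp=0 is the pre-fix driver,
 * clamp=1 the fixed one. Returns bytes copied, or -1 when the read would run
 * past the region (the over-read the advisory describes, made observable). */
int ucsi_try_read(uint16_t version, int clamp)
{
    struct ucsi_mailbox mb = make_mailbox(version);
    uint8_t buf[UCSI_MSG_IN_LEN_V2_0];
    size_t len = sizeof(buf);
    if (clamp && len > ucsi_msg_in_max_len(version))
        len = ucsi_msg_in_max_len(version);
    if (len > mb.msg_in_len)
        return -1;                   /* would read past MESSAGE_IN */
    memcpy(buf, mb.msg_in, len);
    return (int)len;
}
```

Link it with a main() that calls ucsi_try_read(): a v1.2 mailbox returns -1 unclamped and 16 clamped, while a v2.0 mailbox returns 256 either way.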
Other sources
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: ucsi: Limit read size on v1.2
The Linux kernel CVE team has assigned CVE-2024-35924 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by a buffer overflow when reading for UCSI 1.2. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
— IBM
Frequently Asked Questions
What is the severity of CVE-2024-35924?
CVE-2024-35924 has a moderate severity level because MESSAGE_IN reads can overflow the smaller region on older (UCSI 1.2) implementations.
How do I fix CVE-2024-35924?
To resolve CVE-2024-35924, update the Linux kernel to version 6.6.27 or 6.8.6 on Red Hat, or to Debian kernel package version 5.10.223-1, 5.10.226-1, 6.1.119-1 or 6.1.123-1.
Which systems are affected by CVE-2024-35924?
CVE-2024-35924 affects systems using UCSI versions between 1.2 and 2.0, particularly those running Linux kernel versions that predate the fix.
What are the risks associated with CVE-2024-35924?
The risks associated with CVE-2024-35924 include potential overflow conditions that could lead to memory corruption or crashes.
Is there any workaround for CVE-2024-35924?
Currently, the best approach for CVE-2024-35924 is to apply the available kernel updates; no separate workaround is listed.