CVE-2024-26748

usb: cdns3: fix memory double free when handle zero packet

References

Notes

 carnil> Introduced in 7733f6c32e36 ("usb: cdns3: Add Cadence USB3 DRD Driver").
 carnil> Vulnerable versions: 5.4-rc1.

Bugs

Status

Branch Status
4.19-buster-security N/A "Vulnerable code not present"
4.19-upstream-stable N/A "Vulnerable code not present"
5.10-bullseye-security released (5.10.216-1)
5.10-upstream-stable released (5.10.211) [1e204a8e9eb514e22a6567fb340ebb47df3f3a48]
6.1-bookworm-security released (6.1.82-1)
6.1-upstream-stable released (6.1.80) [9a52b694b066f299d8b9800854a8503457a8b64c]
6.6-upstream-stable released (6.6.19) [70e8038813f9d3e72df966748ebbc40efe466019]
6.8-upstream-stable N/A "Fixed before branching point"
sid released (6.7.7-1)
upstream released (6.8-rc6) [5fd9e45f1ebcd57181358af28506e8a661a260b3]