CVE-2024-26997

usb: dwc2: host: Fix dereference issue in DDMA completion flow.

References

https://cve.org/CVERecord/?id=CVE-2024-26997

Notes

 carnil> Introduced in b258e4268850 ("usb: dwc2: host: Fix ISOC flow in DDMA mode").
 carnil> Vulnerable versions: 4.19.312 5.4.274 5.10.215 5.15.154 6.1.84 6.6.24 6.7.12
 carnil> 6.8.3 6.9-rc2.

Bugs

Status

Branch	Status
4.19-buster-security	needed
4.19-upstream-stable	released (4.19.313) [257d313e37d66c3bcc87197fb5b8549129c45dfe]
5.10-bullseye-security	released (5.10.216-1)
5.10-upstream-stable	released (5.10.216) [26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf]
6.1-bookworm-security	released (6.1.90-1)
6.1-upstream-stable	released (6.1.88) [9de10b59d16880a0a3ae2876c142fe54ce45d816]
6.6-upstream-stable	released (6.6.29) [8a139fa44870e84ac228b7b76423a49610e5ba9a]
6.8-upstream-stable	released (6.8.8) [55656b2afd5f1efcec4245f3e7e814c2a9ef53f6]
sid	needed
upstream	released (6.9-rc5) [eed04fa96c48790c1cce73c8a248e9d460b088f8]