CVE-2024-26919

MEDIUM

Linux kernel - None

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpi_unregister_interface tries to remove a debugfs directory named after the ulpi device itself. This results in the directory sticking around and preventing subsequent (deferred) probes from succeeding. Change the directory name to match the ulpi device.

References (4)

[Patch] https://git.kernel.org/stable/c/330d22aba17a4d30a56f007d0f51291d7e00862b

[Patch] https://git.kernel.org/stable/c/33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3

[Patch] https://git.kernel.org/stable/c/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368

[Patch] https://git.kernel.org/stable/c/d31b886ed6a5095214062ee4fb55037eb930adb6

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 1.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

Status published

Affected Products (6)

linux/linux_kernel < 6.1.79

linux/linux_kernel

linux/linux_kernel

linux/Kernel < 6.1.79linux

linux/Kernel < 6.6.18linux

linux/Kernel < 6.7.6linux

Timeline

Published Apr 17, 2024

Tracked Since Feb 18, 2026