Total vulnerabilities in the database
In the Linux kernel, the following vulnerability has been resolved:
usb: roles: fix NULL pointer issue when put module's reference
In current design, usb role class driver will get usb_role_switch parent's module reference after the user get usb_role_switch device and put the reference after the user put the usb_role_switch device. However, the parent device of usb_role_switch may be removed before the user put the usb_role_switch. If so, then, NULL pointer issue will be met when the user put the parent module's reference.
This will save the module pointer in structure of usb_role_switch. Then, we don't need to find module by iterating long relations.
| Software | From | Fixed in |
|---|---|---|
| linux / linux_kernel | 6.8-rc1 | 6.8-rc1.x |
| linux / linux_kernel | 5.16 | 6.1.80 |
| linux / linux_kernel | 5.11 | 5.15.150 |
| linux / linux_kernel | 6.8-rc3 | 6.8-rc3.x |
| linux / linux_kernel | 6.8-rc4 | 6.8-rc4.x |
| linux / linux_kernel | 6.8-rc2 | 6.8-rc2.x |
| linux / linux_kernel | 6.8-rc5 | 6.8-rc5.x |
| linux / linux_kernel | 4.19 | 5.10.211 |
| linux / linux_kernel | 6.2 | 6.6.19 |
| linux / linux_kernel | 6.7 | 6.7.7 |
| debian / debian_linux | 10.0 | 10.0.x |