CVE-2024-26919

usb: ulpi: Fix debugfs directory leak

Description

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpi_unregister_interface tries to remove a debugfs directory named after the ulpi device itself. This results in the directory sticking around and preventing subsequent (deferred) probes from succeeding. Change the directory name to match the ulpi device.

N/A

CVSS

Severity:

EPSS 0.13%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/d31b886ed6a5095214062ee4fb55037eb930adb6
https://git.kernel.org/stable/c/330d22aba17a4d30a56f007d0f51291d7e00862b
https://git.kernel.org/stable/c/33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3
https://git.kernel.org/stable/c/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368

Frequently Asked Questions

What is the severity of CVE-2024-26919?: CVE-2024-26919 has not yet been assigned a CVSS score.
How to fix CVE-2024-26919?: To fix CVE-2024-26919, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-26919 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-26919 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-26919?: CVE-2024-26919 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.