CVE-2024-35822

usb: udc: remove warning when queue disabled ep

Description

In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from mass storage function, WARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104 pc : usb_ep_queue+0x7c/0x104 lr : fsg_main_thread+0x494/0x1b3c Root cause is mass storage function try to queue request from main thread, but other thread may already disable ep when function disable. As there is no function failure in the driver, in order to avoid effort to fix warning, change WARN_ON_ONCE() in usb_ep_queue() to pr_debug().

N/A
CVSS
Severity:
EPSS 0.27%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/2b002c308e184feeaeb72987bca3f1b11e5f70b8
https://git.kernel.org/stable/c/68d951880d0c52c7f13dcefb5501b69b8605ce8c
https://git.kernel.org/stable/c/3e944ddc17c042945d983e006df7860687a8849a
https://git.kernel.org/stable/c/df5cbb908f1687e8ab97e222a16b7890d5501acf
https://git.kernel.org/stable/c/f74c5e0b54b02706d9a862ac6cddade30ac86bcf
https://git.kernel.org/stable/c/99731076722eb7ed26b0c87c879da7bb71d24290
https://git.kernel.org/stable/c/36177c2595df12225b95ce74eb1ac77b43d5a58c
https://git.kernel.org/stable/c/30511676eb54d480d014352bf784f02577a10252
https://git.kernel.org/stable/c/2a587a035214fa1b5ef598aea0b81848c5b72e5e
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Frequently Asked Questions

What is the severity of CVE-2024-35822?
CVE-2024-35822 has not yet been assigned a CVSS score.
How to fix CVE-2024-35822?
To fix CVE-2024-35822, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-35822 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-35822 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-35822?
CVE-2024-35822 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.