Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel
did not properly check for the device to be enabled before writing. A local
attacker could possibly use this to cause a denial of service.
(CVE-2024-25741)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- MIPS architecture;
- PA-RISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Android drivers;
- Serial ATA and Parallel ATA drivers;
- ATM drivers;
- Drivers core;
- Null block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Cdrom driver;
- Character device driver;
- Clock framework and drivers;
- Hardware crypto device drivers;
- CXL (Compute Express Link) drivers;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Cirrus firmware drivers;
- Qualcomm firmware drivers;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Miscellaneous) drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- ISDN/mISDN subsystem;
- LED subsystem;
- Mailbox framework;
- Multiple devices driver;
- Media drivers;
- Fastrpc Driver;
- VMware VMCI Driver;
- MMC subsystem;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- Microsoft Azure Network Adapter (MANA) driver;
- Near Field Communication (NFC) drivers;
- NVME drivers;
- NVMEM (Non Volatile Memory) drivers;
- Device tree and open firmware driver;
- Parport drivers;
- PCI subsystem;
- Pin controllers subsystem;
- x86 platform drivers;
-...