CVE-2024-40903
Description
In the Linux kernel, the following vulnerability has been resolved:usb: typec: tcpm: fix use-after-free case in tcpm_register_source_capsThere could be a potential use-after-free case intcpm_register_source_caps(). This could happen when: * new (say invalid) source caps are advertised * the existing source caps are unregistered * tcpm_register_source_caps() returns with an error as usb_power_delivery_register_capabilities() failsThis causes port->partner_source_caps to hold on to the now freed sourcecaps.Reset port->partner_source_caps value to null after unregisteringexisting source caps.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.012
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| linux security update(DSA-5731-1) linux-source-6.1_6.1.99-1_all.deb | Linux |
| linux security update(DSA-5731-1) linux-source_6.1.99-1_all.deb | Linux |
| linux security update(DSA-5731-1) linux-perf_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-perf_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-libc-dev_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-libc-dev_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-kbuild-6.1_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-kbuild-6.1_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-image-rt-amd64-dbg_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-image-rt-686-pae-dbg_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-image-i386-signed-template_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-image-cloud-amd64-dbg_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-image-amd64-signed-template_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-image-amd64-dbg_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-image-686-pae-dbg_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-image-686-dbg_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-doc-6.1_6.1.99-1_all.deb | Linux |
| linux security update(DSA-5731-1) linux-doc_6.1.99-1_all.deb | Linux |
| linux security update(DSA-5731-1) linux-cpupower_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-cpupower_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-config-6.1_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-config-6.1_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) linux-compiler-gcc-12-x86_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) linux-compiler-gcc-12-x86_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) usbip_2.0+6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) usbip_2.0+6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) rtla_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) rtla_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) hyperv-daemons_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) hyperv-daemons_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) bpftool_7.1.0+6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) bpftool_7.1.0+6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) libcpupower1_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) libcpupower1_6.1.99-1_amd64.deb | Linux |
| linux security update(DSA-5731-1) libcpupower-dev_6.1.99-1_i386.deb | Linux |
| linux security update(DSA-5731-1) libcpupower-dev_6.1.99-1_amd64.deb | Linux |
| SUSE-SU-2024:3194-1(Public Cloud Module 15-SP6) kernel-syms-azure-6.4.0-150600.8.11.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3194-1(Public Cloud Module 15-SP6) kernel-source-azure-6.4.0-150600.8.11.1.noarch.rpm | Linux |
| SUSE-SU-2024:3194-1(Public Cloud Module 15-SP6) kernel-devel-azure-6.4.0-150600.8.11.1.noarch.rpm | Linux |
| SUSE-SU-2024:3194-1(Public Cloud Module 15-SP6) kernel-azure-devel-debuginfo-6.4.0-150600.8.11.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3194-1(Public Cloud Module 15-SP6) kernel-azure-devel-6.4.0-150600.8.11.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3194-1(Public Cloud Module 15-SP6) kernel-azure-debugsource-6.4.0-150600.8.11.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3194-1(Public Cloud Module 15-SP6) kernel-azure-debuginfo-6.4.0-150600.8.11.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3194-1(Public Cloud Module 15-SP6) kernel-azure-6.4.0-150600.8.11.1.x86_64.rpm | Linux |
| Linux kernel (USN-6999-1) linux-image-6.8.0-1010-gke_6.8.0-1010.13_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-6.8.0-1012-ibm_6.8.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-6.8.0-1012-oem_6.8.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-6.8.0-1012-oracle_6.8.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-6.8.0-1014-gcp_6.8.0-1014.16_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-6.8.0-1015-aws_6.8.0-1015.16_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-6.8.0-44-generic_6.8.0-44.44_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-6.8.0-44-lowlatency_6.8.0-44.44.1_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-aws_6.8.0-1015.16_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-gcp_6.8.0-1014.16_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-generic_6.8.0-44.44_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-generic-hwe-24.04_6.8.0-44.44_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-gke_6.8.0-1010.13_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-ibm_6.8.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-ibm-classic_6.8.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-ibm-lts-24.04_6.8.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-kvm_6.8.0-44.44_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-lowlatency_6.8.0-44.44.1_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-oracle_6.8.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-virtual_6.8.0-44.44_amd64.deb | Linux |
| Linux kernel (USN-6999-1) linux-image-virtual-hwe-24.04_6.8.0-44.44_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-7004-1) linux-image-6.8.0-1014-azure_6.8.0-1014.16_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-7004-1) linux-image-6.8.0-1014-azure-fde_6.8.0-1014.16_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-7004-1) linux-image-azure_6.8.0-1014.16_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-7004-1) linux-image-azure-fde_6.8.0-1014.16_amd64.deb | Linux |
| Linux kernel for NVIDIA systems (USN-7005-1) linux-image-6.8.0-1013-nvidia_6.8.0-1013.14_amd64.deb | Linux |
| Linux kernel for NVIDIA systems (USN-7005-1) linux-image-6.8.0-1013-nvidia-lowlatency_6.8.0-1013.14.1_amd64.deb | Linux |
| Linux kernel for NVIDIA systems (USN-7005-1) linux-image-nvidia_6.8.0-1013.13_amd64.deb | Linux |
| Linux kernel for NVIDIA systems (USN-7005-1) linux-image-nvidia-lowlatency_6.8.0-1013.14.1_amd64.deb | Linux |
| Linux kernel for NVIDIA systems (USN-7005-2) linux-image-6.8.0-1013-nvidia_6.8.0-1013.14~22.04.1_amd64.deb | Linux |
| Linux kernel for NVIDIA systems (USN-7005-2) linux-image-nvidia-6.8_6.8.0-1013.14~22.04.1_amd64.deb | Linux |
| Linux low latency kernel (USN-7008-1) linux-image-6.8.0-44-lowlatency_6.8.0-44.44.1~22.04.1_amd64.deb | Linux |
| Linux low latency kernel (USN-7008-1) linux-image-lowlatency-hwe-22.04_6.8.0-44.44.1~22.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-7029-1) linux-image-6.8.0-45-generic_6.8.0-45.45~22.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-7029-1) linux-image-generic-hwe-22.04_6.8.0-45.45~22.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-7029-1) linux-image-oem-22.04_6.8.0-45.45~22.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-7029-1) linux-image-oem-22.04a_6.8.0-45.45~22.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-7029-1) linux-image-oem-22.04b_6.8.0-45.45~22.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-7029-1) linux-image-oem-22.04c_6.8.0-45.45~22.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-7029-1) linux-image-oem-22.04d_6.8.0-45.45~22.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-7029-1) linux-image-virtual-hwe-22.04_6.8.0-45.45~22.04.1_amd64.deb | Linux |
| SUSE-SU-2024:3383-1(Legacy Module 15-SP6 ) reiserfs-kmp-default-debuginfo-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Legacy Module 15-SP6 ) reiserfs-kmp-default-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Development Tools Module 15-SP6 ) kernel-syms-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Development Tools Module 15-SP6 ) kernel-source-6.4.0-150600.23.22.1.noarch.rpm | Linux |
| SUSE-SU-2024:3383-1(Development Tools Module 15-SP6 ) kernel-obs-build-debugsource-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Development Tools Module 15-SP6 ) kernel-obs-build-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Basesystem Module 15-SP6 ) kernel-macros-6.4.0-150600.23.22.1.noarch.rpm | Linux |
| SUSE-SU-2024:3383-1(Development Tools Module 15-SP6 ) kernel-docs-6.4.0-150600.23.22.1.noarch.rpm | Linux |
| SUSE-SU-2024:3383-1(Basesystem Module 15-SP6 ) kernel-devel-6.4.0-150600.23.22.1.noarch.rpm | Linux |
| SUSE-SU-2024:3383-1(Basesystem Module 15-SP6 ) kernel-default-devel-debuginfo-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Basesystem Module 15-SP6 ) kernel-default-devel-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Basesystem Module 15-SP6 ) kernel-default-debugsource-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Basesystem Module 15-SP6 ) kernel-default-debuginfo-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Basesystem Module 15-SP6 ) kernel-default-base-6.4.0-150600.23.22.1.150600.12.8.3.x86_64.rpm | Linux |
| SUSE-SU-2024:3383-1(Basesystem Module 15-SP6 ) kernel-default-6.4.0-150600.23.22.1.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update rv-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update rtla-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update python3-perf-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update perf-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-uki-virt-addons-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-uki-virt-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-tools-libs-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-tools-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-modules-extra-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-modules-core-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-modules-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-headers-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-doc-5.14.0-503.11.1.el9_5.noarch.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-devel-matched-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-devel-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-uki-virt-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-modules-extra-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-modules-core-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-modules-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-devel-matched-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-devel-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-core-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-debug-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-core-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-abi-stablelists-5.14.0-503.11.1.el9_5.noarch.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update kernel-5.14.0-503.11.1.el9_5.x86_64.rpm | Linux |
| (RHSA-2024:9315)Moderate: security update bpftool-7.4.0-503.11.1.el9_5.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234