Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.20, < 6.1.112 |
References
- https://git.kernel.org/stable/c/0c927dfc0b9bd177f7ab6ee59ef0c4ea06c110a7Patch
- https://git.kernel.org/stable/c/16e0ab9ed3ae7d19ca8ee718ba4e09d5c0f909caPatch
- https://git.kernel.org/stable/c/51297ef7ad7824ad577337f273cd092e81a9fa08Patch
- https://git.kernel.org/stable/c/625fa77151f00c1bd00d34d60d6f2e710b3f9aadPatch
- https://git.kernel.org/stable/c/6c7fc36da021b13c34c572a26ba336cd102418f8Patch
- https://git.kernel.org/stable/c/ba6269e187aa1b1f20faf3c458831a0d6350304bPatch
- https://git.kernel.org/stable/c/e872738e670ddd63e19f22d0d784f0bdf26ecba5Patch
- https://git.kernel.org/stable/c/fa652318887da530f2f9dbd9b0ea4a087d05ee12
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
FAQ
What is CVE-2024-47671?
CVE-2024-47671 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure...
How severe is CVE-2024-47671?
CVE-2024-47671 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-47671?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.