Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:

HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check

syzbot has found a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver [1]. There is a number of similar, already fixed issues [2]. In this case as in others, implementing check for endpoint type fixes the issue.

[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470
[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.13, < 6.1.129 |
References
- https://git.kernel.org/stable/c/220883fba32549a34f0734e4859d07f4dcd56992 (Patch)
- https://git.kernel.org/stable/c/50420d7c79c37a3efe4010ff9b1bb14bc61ebccf (Patch)
- https://git.kernel.org/stable/c/816e84602900f7f951458d743fa12769635ebfd5 (Patch)
- https://git.kernel.org/stable/c/ae730deded66150204c494282969bfa98dc3ae67 (Patch)
- https://git.kernel.org/stable/c/e5bcae4212a6a4b4204f46a1b8bcba08909d2007 (Patch)
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
FAQ
What is CVE-2024-57993?
CVE-2024-57993 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check syzbot has found a type mismatch between a USB p...
How severe is CVE-2024-57993?
CVE-2024-57993 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-57993?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.