CVE-2024-50075— xhci: tegra: fix checked USB2 port number

EPSS 0.02% · P6 Updated Oct 02, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-50075

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

xhci: tegra: fix checked USB2 port number

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: xhci: tegra: fix checked USB2 port number If USB virtualizatoin is enabled, USB2 ports are shared between all Virtual Functions. The USB2 port number owned by an USB2 root hub in a Virtual Function may be less than total USB2 phy number supported by the Tegra XUSB controller. Using total USB2 phy number as port number to check all PORTSC values would cause invalid memory access. [ 116.923438] Unable to handle kernel paging request at virtual address 006c622f7665642f ... [ 117.213640] Call trace: [ 117.216783] tegra_xusb_enter_elpg+0x23c/0x658 [ 117.222021] tegra_xusb_runtime_suspend+0x40/0x68 [ 117.227260] pm_generic_runtime_suspend+0x30/0x50 [ 117.232847] __rpm_callback+0x84/0x3c0 [ 117.237038] rpm_suspend+0x2dc/0x740 [ 117.241229] pm_runtime_work+0xa0/0xb8 [ 117.245769] process_scheduled_works+0x24c/0x478 [ 117.251007] worker_thread+0x23c/0x328 [ 117.255547] kthread+0x104/0x1b0 [ 117.259389] ret_from_fork+0x10/0x20 [ 117.263582] Code: 54000222 f9461ae8 f8747908 b4ffff48 (f9400100)

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于在处理USB2端口号时未正确检查端口号，导致无效内存访问。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	a30951d31b250bf3479c00e93646b6cc6fb42a56 ~ 9c696bf4ab54c7cec81221887564305f0ceeac0a	-
Linux	Linux	6.3	-

II. Public POCs for CVE-2024-50075

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-50075

请登录查看更多情报信息。

Same Patch Batch · Linux · 2024-10-29 · 21 CVEs total

CVE-2024-50078		Bluetooth: Call iso_exit() on module unload
CVE-2024-50068		mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets()
CVE-2024-50069		pinctrl: apple: check devm_kasprintf() returned value
CVE-2024-50070		pinctrl: stm32: check devm_kasprintf() returned value
CVE-2024-50071		pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func()
CVE-2024-50072		x86/bugs: Use code segment selector for VERW operand
CVE-2024-50073		tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
CVE-2024-50074		parport: Proper fix for array out-of-bounds access
CVE-2024-50076		vt: prevent kernel-infoleak in con_font_get()
CVE-2024-50077		Bluetooth: ISO: Fix multiple init when debugfs is disabled
CVE-2024-50088		btrfs: fix uninitialized pointer free in add_inode_ref()
CVE-2024-50079		io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work
CVE-2024-50080		ublk: don't allow user copy for unprivileged device
CVE-2024-50081		blk-mq: setup queue ->tag_set before initializing hctx
CVE-2024-50082		blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
CVE-2024-50083		tcp: fix mptcp DSS corruption due to large pmtu xmit
CVE-2024-50084		net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()
CVE-2024-50085		mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow
CVE-2024-50086		ksmbd: fix user-after-free from session log off
CVE-2024-50087		btrfs: fix uninitialized pointer free on read_alloc_one_name() error

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2024-50075

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-50075— xhci: tegra: fix checked USB2 port number

I. Basic Information for CVE-2024-50075

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-50075

III. Intelligence Information for CVE-2024-50075

Same Patch Batch · Linux · 2024-10-29 · 21 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-50075

Leave a comment