CVE-2024-53083
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-53083 is a vulnerability affecting the Linux kernel's USB Type-C subsystem, specifically the qcom-pmic driver. The issue lies in the initialization of the header length (hdr_len) and transaction buffer length (txbuf_len) variables. If a read of USB_PDPHY_RX_ACKNOWLEDGE_REG fails, these variables remain uninitialized. Previously, an incorrect and misleading value was printed in that case; a recent kernel commit resolved this by stopping the printing of uninitialized values. This vulnerability could potentially lead to incorrect USB Type-C power delivery negotiations, but more research is needed to determine the potential impact and exploitability of this issue.
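The bug class described in the summary, as an added user-space C model (example code, not the kernel driver's source or its actual patch): the "before" shape reports lengths on a shared exit path even when the register read failed, and the hardened shape computes them before the read. The function names, the `STACK_GARBAGE` poison constant, the error value and the 4-bytes-per-object payload length are all assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed poison standing in for indeterminate stack contents: a real
 * uninitialized read is undefined behaviour, so the model makes it visible. */
#define STACK_GARBAGE ((size_t)0xdeadbeef)

struct tx_report { int ret; size_t hdr_len; size_t txbuf_len; };

/* Hypothetical register read: 0 on success, -5 (EIO-like) on failure. */
static int model_reg_read(int fail, unsigned int *val)
{
    if (fail)
        return -5;
    *val = 0;
    return 0;
}

/* "Before" shape: lengths are assigned only after the read succeeds, yet the
 * shared exit path reports them unconditionally. */
struct tx_report transmit_before(uint16_t header, unsigned int nr_objs, int fail)
{
    size_t hdr_len = STACK_GARBAGE, txbuf_len = STACK_GARBAGE;
    unsigned int ack;
    int ret = model_reg_read(fail, &ack);

    if (ret)
        goto done;
    hdr_len = sizeof(header);
    txbuf_len = (size_t)nr_objs * 4;
done:
    printf("before: ret=%d hdr_len=%zu txbuf_len=%zu\n", ret, hdr_len, txbuf_len);
    return (struct tx_report){ ret, hdr_len, txbuf_len };
}

/* Hardened shape: the lengths depend only on the message, so they are
 * computed before anything that can fail and the report is always truthful. */
struct tx_report transmit_after(uint16_t header, unsigned int nr_objs, int fail)
{
    size_t hdr_len = sizeof(header);
    size_t txbuf_len = (size_t)nr_objs * 4;
    unsigned int ack;
    int ret = model_reg_read(fail, &ack);

    printf("after:  ret=%d hdr_len=%zu txbuf_len=%zu\n", ret, hdr_len, txbuf_len);
    return (struct tx_report){ ret, hdr_len, txbuf_len };
}
```

Building real driver code with `-Wmaybe-uninitialized` or running a static analyzer over it is the usual way to catch this pattern, since the failure path is rarely exercised in testing.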
Affected Products
- Linux Kernel
Affected Vendors
- LINUX