CVE-2024-38628
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-38628
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38628.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-38628
- Downstream
- Related
- Published
- 2024-06-21T10:18:19Z
- Modified
- 2025-10-14T18:07:23.078645Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.
Hang on to the control IDs instead of pointers since those are correctly handled with locks.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464
- https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0
- https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09
- https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced02de698ca8123782c0c6fb8ed99080e2f032b0d2Fixed89e66809684485590ea0b32c3178e42cba36ac09
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced02de698ca8123782c0c6fb8ed99080e2f032b0d2Fixed453d3fa9266e53f85377b911c19b9a4563fa88c0
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced02de698ca8123782c0c6fb8ed99080e2f032b0d2Fixedbea73b58ab67fe581037ad9cdb93c2557590c068
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced02de698ca8123782c0c6fb8ed99080e2f032b0d2Fixed1b739388aa3f8dfb63a9fca777e6dfa6912d0464
Affected versions
v5.*
v5.14
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.9
v6.1.90
v6.1.91
v6.1.92
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2
v6.9.3
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1b739388aa3f8dfb63a9fca777e6dfa6912d0464",
"signature_version": "v1",
"target": {
"function": "u_audio_set_mute",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "215308480817715505961184227389814306807",
"length": 479.0
},
"id": "CVE-2024-38628-01bca133"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@453d3fa9266e53f85377b911c19b9a4563fa88c0",
"signature_version": "v1",
"target": {
"function": "set_active",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "264991785799399461301102423850887941291",
"length": 330.0
},
"id": "CVE-2024-38628-07c5f517"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bea73b58ab67fe581037ad9cdb93c2557590c068",
"signature_version": "v1",
"target": {
"function": "set_active",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "264991785799399461301102423850887941291",
"length": 330.0
},
"id": "CVE-2024-38628-0ee6bb6f"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bea73b58ab67fe581037ad9cdb93c2557590c068",
"signature_version": "v1",
"target": {
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"163582016249283505634156244736480270790",
"187261613872156955086007378898785103266",
"149903300864936108083314923599608616050",
"34423813890976237469538456718144574463",
"38755810736215334143831964891195893972",
"153910999747480152317894476157240644119",
"32351934310783353606634652768230992194",
"231244112118676169987115899834802424824",
"95281997950794759441944414464899705489",
"204845677056854479818126644674352225826",
"206991002183793145064876194187682177720",
"208116318372076403364461079833044016077",
"252863739735324987529646667320449630090",
"230293964059710100632653950311805724646",
"238421350469874962683098780701906879746",
"242423171356229453871762643080229337619",
"27053438654341387843222813074778796976",
"279493384184579494971510116356511450198",
"234767846099672849135589686525442118208",
"243832195769022194496548528712545188052",
"170294617337606639349796356500078640920",
"277310272753742508935972957549057292965",
"42302090254292517083092613956451913967",
"171520270174836298034881691185191853861",
"253842809518115570313038210594368323482",
"249090963428719547077844781438285430901",
"93148120962007786893143733749758853433",
"9451943824214085554018300425504929627",
"109794139623419565262941682050193182369",
"80104607429292215426332614213856950846",
"313395607953650840444889800544196824911",
"375826408391002051622561698073460890",
"71775782451025539713786103504026062410",
"175291095373284161444470862756304849629",
"284995414203289489507630446758967994446",
"211406217387960616976595622748451136933",
"312452659567479346440846765662041471310",
"58086482959700677049638411112299470955",
"133454951506870404746486838649920660381"
]
},
"id": "CVE-2024-38628-2b422fb0"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1b739388aa3f8dfb63a9fca777e6dfa6912d0464",
"signature_version": "v1",
"target": {
"function": "u_audio_set_volume",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "176964909384423301541499687868369457543",
"length": 526.0
},
"id": "CVE-2024-38628-2b858545"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1b739388aa3f8dfb63a9fca777e6dfa6912d0464",
"signature_version": "v1",
"target": {
"function": "g_audio_setup",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "88613176286889242418545705172243262957",
"length": 4926.0
},
"id": "CVE-2024-38628-34a2687b"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@453d3fa9266e53f85377b911c19b9a4563fa88c0",
"signature_version": "v1",
"target": {
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"163582016249283505634156244736480270790",
"187261613872156955086007378898785103266",
"149903300864936108083314923599608616050",
"34423813890976237469538456718144574463",
"38755810736215334143831964891195893972",
"153910999747480152317894476157240644119",
"32351934310783353606634652768230992194",
"231244112118676169987115899834802424824",
"95281997950794759441944414464899705489",
"204845677056854479818126644674352225826",
"206991002183793145064876194187682177720",
"208116318372076403364461079833044016077",
"252863739735324987529646667320449630090",
"230293964059710100632653950311805724646",
"238421350469874962683098780701906879746",
"242423171356229453871762643080229337619",
"27053438654341387843222813074778796976",
"279493384184579494971510116356511450198",
"234767846099672849135589686525442118208",
"243832195769022194496548528712545188052",
"170294617337606639349796356500078640920",
"277310272753742508935972957549057292965",
"42302090254292517083092613956451913967",
"171520270174836298034881691185191853861",
"253842809518115570313038210594368323482",
"249090963428719547077844781438285430901",
"93148120962007786893143733749758853433",
"9451943824214085554018300425504929627",
"109794139623419565262941682050193182369",
"80104607429292215426332614213856950846",
"313395607953650840444889800544196824911",
"375826408391002051622561698073460890",
"71775782451025539713786103504026062410",
"175291095373284161444470862756304849629",
"284995414203289489507630446758967994446",
"211406217387960616976595622748451136933",
"312452659567479346440846765662041471310",
"58086482959700677049638411112299470955",
"133454951506870404746486838649920660381"
]
},
"id": "CVE-2024-38628-67cfa852"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89e66809684485590ea0b32c3178e42cba36ac09",
"signature_version": "v1",
"target": {
"function": "u_audio_set_mute",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "215308480817715505961184227389814306807",
"length": 479.0
},
"id": "CVE-2024-38628-7ad7260e"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@453d3fa9266e53f85377b911c19b9a4563fa88c0",
"signature_version": "v1",
"target": {
"function": "g_audio_setup",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "239977769633791502293019945558308054801",
"length": 5006.0
},
"id": "CVE-2024-38628-7da037fa"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bea73b58ab67fe581037ad9cdb93c2557590c068",
"signature_version": "v1",
"target": {
"function": "g_audio_setup",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "239977769633791502293019945558308054801",
"length": 5006.0
},
"id": "CVE-2024-38628-80d2517e"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1b739388aa3f8dfb63a9fca777e6dfa6912d0464",
"signature_version": "v1",
"target": {
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"163582016249283505634156244736480270790",
"187261613872156955086007378898785103266",
"149903300864936108083314923599608616050",
"34423813890976237469538456718144574463",
"38755810736215334143831964891195893972",
"153910999747480152317894476157240644119",
"32351934310783353606634652768230992194",
"231244112118676169987115899834802424824",
"95281997950794759441944414464899705489",
"204845677056854479818126644674352225826",
"206991002183793145064876194187682177720",
"208116318372076403364461079833044016077",
"252863739735324987529646667320449630090",
"230293964059710100632653950311805724646",
"238421350469874962683098780701906879746",
"242423171356229453871762643080229337619",
"27053438654341387843222813074778796976",
"279493384184579494971510116356511450198",
"234767846099672849135589686525442118208",
"243832195769022194496548528712545188052",
"170294617337606639349796356500078640920",
"277310272753742508935972957549057292965",
"42302090254292517083092613956451913967",
"171520270174836298034881691185191853861",
"253842809518115570313038210594368323482",
"249090963428719547077844781438285430901",
"93148120962007786893143733749758853433",
"9451943824214085554018300425504929627",
"109794139623419565262941682050193182369",
"80104607429292215426332614213856950846",
"313395607953650840444889800544196824911",
"375826408391002051622561698073460890",
"71775782451025539713786103504026062410",
"175291095373284161444470862756304849629",
"284995414203289489507630446758967994446",
"211406217387960616976595622748451136933",
"312452659567479346440846765662041471310",
"171886679986649670986814777709922958320",
"140948614989033928506558659595742507986"
]
},
"id": "CVE-2024-38628-8646dba7"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89e66809684485590ea0b32c3178e42cba36ac09",
"signature_version": "v1",
"target": {
"function": "u_audio_set_volume",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "176964909384423301541499687868369457543",
"length": 526.0
},
"id": "CVE-2024-38628-93bd1035"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bea73b58ab67fe581037ad9cdb93c2557590c068",
"signature_version": "v1",
"target": {
"function": "u_audio_set_mute",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "215308480817715505961184227389814306807",
"length": 479.0
},
"id": "CVE-2024-38628-c21507e6"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@453d3fa9266e53f85377b911c19b9a4563fa88c0",
"signature_version": "v1",
"target": {
"function": "u_audio_set_mute",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "215308480817715505961184227389814306807",
"length": 479.0
},
"id": "CVE-2024-38628-d338c9ba"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89e66809684485590ea0b32c3178e42cba36ac09",
"signature_version": "v1",
"target": {
"function": "set_active",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "264991785799399461301102423850887941291",
"length": 330.0
},
"id": "CVE-2024-38628-def04ad8"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89e66809684485590ea0b32c3178e42cba36ac09",
"signature_version": "v1",
"target": {
"function": "g_audio_setup",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "239977769633791502293019945558308054801",
"length": 5006.0
},
"id": "CVE-2024-38628-e1b4f0b5"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89e66809684485590ea0b32c3178e42cba36ac09",
"signature_version": "v1",
"target": {
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"163582016249283505634156244736480270790",
"187261613872156955086007378898785103266",
"149903300864936108083314923599608616050",
"34423813890976237469538456718144574463",
"38755810736215334143831964891195893972",
"153910999747480152317894476157240644119",
"32351934310783353606634652768230992194",
"231244112118676169987115899834802424824",
"95281997950794759441944414464899705489",
"204845677056854479818126644674352225826",
"206991002183793145064876194187682177720",
"208116318372076403364461079833044016077",
"252863739735324987529646667320449630090",
"230293964059710100632653950311805724646",
"238421350469874962683098780701906879746",
"242423171356229453871762643080229337619",
"27053438654341387843222813074778796976",
"279493384184579494971510116356511450198",
"234767846099672849135589686525442118208",
"243832195769022194496548528712545188052",
"170294617337606639349796356500078640920",
"277310272753742508935972957549057292965",
"42302090254292517083092613956451913967",
"171520270174836298034881691185191853861",
"253842809518115570313038210594368323482",
"249090963428719547077844781438285430901",
"93148120962007786893143733749758853433",
"9451943824214085554018300425504929627",
"109794139623419565262941682050193182369",
"80104607429292215426332614213856950846",
"313395607953650840444889800544196824911",
"375826408391002051622561698073460890",
"71775782451025539713786103504026062410",
"175291095373284161444470862756304849629",
"284995414203289489507630446758967994446",
"211406217387960616976595622748451136933",
"312452659567479346440846765662041471310",
"58086482959700677049638411112299470955",
"133454951506870404746486838649920660381"
]
},
"id": "CVE-2024-38628-e2cfaac6"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@453d3fa9266e53f85377b911c19b9a4563fa88c0",
"signature_version": "v1",
"target": {
"function": "u_audio_set_volume",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "176964909384423301541499687868369457543",
"length": 526.0
},
"id": "CVE-2024-38628-eb38b768"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bea73b58ab67fe581037ad9cdb93c2557590c068",
"signature_version": "v1",
"target": {
"function": "u_audio_set_volume",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "176964909384423301541499687868369457543",
"length": 526.0
},
"id": "CVE-2024-38628-efee0d7d"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1b739388aa3f8dfb63a9fca777e6dfa6912d0464",
"signature_version": "v1",
"target": {
"function": "set_active",
"file": "drivers/usb/gadget/function/u_audio.c"
},
"digest": {
"function_hash": "264991785799399461301102423850887941291",
"length": 330.0
},
"id": "CVE-2024-38628-f39239fd"
}
]