{"uuid": "c0e4f4ca-ae8e-498a-9d03-a167b40e021c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57913", "type": "seen", "source": "https://t.me/cvedetector/15859", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57913 - Linux USB gadget functionfs remote denial of service (DoS) Windows Panic\", \n  \"Content\": \"CVE ID : CVE-2024-57913 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nusb: gadget: f_fs: Remove WARN_ON in functionfs_bind  \n  \nThis commit addresses an issue related to below kernel panic where  \npanic_on_warn is enabled. It is caused by the unnecessary use of WARN_ON  \nin functionsfs_bind, which easily leads to the following scenarios.  \n  \n1.adb_write in adbd               2. UDC write via configfs  \n  =================              =====================  \n  \n->usb_ffs_open_thread()           ->UDC write  \n ->open_functionfs()               ->configfs_write_iter()  \n  ->adb_open()                      ->gadget_dev_desc_UDC_store()  \n   ->adb_write()                     ->usb_gadget_register_driver_owner  \n                                      ->driver_register()  \n->StartMonitor()                       ->bus_add_driver()  \n ->adb_read()                           ->gadget_bind_driver()  \n           ->configfs_composite_bind()  \n                                          ->usb_add_function()  \n->open_functionfs()                        ->ffs_func_bind()  \n ->adb_open()                               ->functionfs_bind()  \n                                       state !=FFS_ACTIVE>  \n  \nThe adb_open, adb_read, and adb_write operations are invoked from the  \ndaemon, but trying to bind the function is a process that is invoked by  \nUDC write through configfs, which opens up the possibility of a race  \ncondition between the two paths. In this race scenario, the kernel panic  \noccurs due to the WARN_ON from functionfs_bind when panic_on_warn is  \nenabled. This commit fixes the kernel panic by removing the unnecessary  \nWARN_ON.  \n  \nKernel panic - not syncing: kernel: panic_on_warn set ...  \n[   14.542395] Call trace:  \n[   14.542464]  ffs_func_bind+0x1c8/0x14a8  \n[   14.542468]  usb_add_function+0xcc/0x1f0  \n[   14.542473]  configfs_composite_bind+0x468/0x588  \n[   14.542478]  gadget_bind_driver+0x108/0x27c  \n[   14.542483]  really_probe+0x190/0x374  \n[   14.542488]  __driver_probe_device+0xa0/0x12c  \n[   14.542492]  driver_probe_device+0x3c/0x220  \n[   14.542498]  __driver_attach+0x11c/0x1fc  \n[   14.542502]  bus_for_each_dev+0x104/0x160  \n[   14.542506]  driver_attach+0x24/0x34  \n[   14.542510]  bus_add_driver+0x154/0x270  \n[   14.542514]  driver_register+0x68/0x104  \n[   14.542518]  usb_gadget_register_driver_owner+0x48/0xf4  \n[   14.542523]  gadget_dev_desc_UDC_store+0xf8/0x144  \n[   14.542526]  configfs_write_iter+0xf0/0x138 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:36.000000Z"}