CVE-2024-26919: usb: ulpi: Fix debugfs directory leak

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: ulpi: Fix debugfs directory leak

The ULPI per-device debugfs root is named after the ulpi device's
parent, but ulpi_unregister_interface tries to remove a debugfs
directory named after the ulpi device itself. This results in the
directory sticking around and preventing subsequent (deferred) probes
from succeeding. Change the directory name to match the ulpi device.

Classification

CVE ID: CVE-2024-26919

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/d31b886ed6a5095214062ee4fb55037eb930adb6
https://git.kernel.org/stable/c/330d22aba17a4d30a56f007d0f51291d7e00862b
https://git.kernel.org/stable/c/33713945cc92ea9c4a1a9479d5c1b7acb7fc4df3
https://git.kernel.org/stable/c/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368

Timeline

2024-12-20 00:34:53 UTC
CVE

usb: ulpi: Fix debugfs directory leak