CVE Daily

CVE-2024-53070

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ...

Medium CVSS 5.5

Overview

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc3: fix fault at system suspend if device was already runtime suspended

If the device was already runtime suspended then during system suspend
we cannot access the device registers else it will crash.

Also we cannot access any registers after dwc3_core_exit() on some
platforms so move the dwc3_enable_susphy() call to the top.

CWE: N/A Published: 2024-11-19T18:15:26.700
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.5 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags