{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-53205","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-11-19T17:17:25.019Z","datePublished":"2024-12-27T13:49:51.353Z","dateUpdated":"2025-05-04T09:55:46.420Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:55:46.420Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nphy: realtek: usb: fix NULL deref in rtk_usb2phy_probe\n\nIn rtk_usb2phy_probe() devm_kzalloc() may return NULL\nbut this returned value is not checked."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/phy/realtek/phy-rtk-usb2.c"],"versions":[{"version":"134e6d25f6bd06071e5aac0a7eefcea6f7713955","lessThan":"7e2cde1813418b39b5e95d86e10d6701dccf18af","status":"affected","versionType":"git"},{"version":"134e6d25f6bd06071e5aac0a7eefcea6f7713955","lessThan":"7a784bcdd7e54f0599da3b2360e472238412623e","status":"affected","versionType":"git"},{"version":"eeda494542e55b603c7b80e14bfc5ee4ab7f9814","lessThan":"0b398b6b6c94315fd2ce3658e3cee96539dbd7b7","status":"affected","versionType":"git"},{"version":"eeda494542e55b603c7b80e14bfc5ee4ab7f9814","lessThan":"fb83c9a08324e37f321ffb400809aa4310387d65","status":"affected","versionType":"git"},{"version":"eeda494542e55b603c7b80e14bfc5ee4ab7f9814","lessThan":"04e3e9188291a183b27306ddb833722c0d083d6a","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/phy/realtek/phy-rtk-usb2.c"],"versions":[{"version":"6.6","status":"affected"},{"version":"6.9","status":"affected"},{"version":"0","lessThan":"6.6","status":"unaffected","versionType":"semver"},{"version":"6.6.4","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7","lessThan":"6.9","status":"unaffected","versionType":"semver"},{"version":"6.11.11","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12.2","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.11.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.12.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7e2cde1813418b39b5e95d86e10d6701dccf18af"},{"url":"https://git.kernel.org/stable/c/7a784bcdd7e54f0599da3b2360e472238412623e"},{"url":"https://git.kernel.org/stable/c/0b398b6b6c94315fd2ce3658e3cee96539dbd7b7"},{"url":"https://git.kernel.org/stable/c/fb83c9a08324e37f321ffb400809aa4310387d65"},{"url":"https://git.kernel.org/stable/c/04e3e9188291a183b27306ddb833722c0d083d6a"}],"title":"phy: realtek: usb: fix NULL deref in rtk_usb2phy_probe","x_generator":{"engine":"bippy-1.2.0"}}}}