{"vulnerability": "CVE-2024-45006", "sightings": [{"uuid": "f40012a2-b7fd-4214-9a07-0ccb604e5580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45006", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "db879f7c-094b-490e-8016-69f0438aab83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45006", "type": "seen", "source": "https://t.me/cvedetector/4859", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45006 - Here is a possible title for the vulnerability: \"Gigabyte xHCI NULL Pointer Dereference Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-45006 \nPublished : Sept. 4, 2024, 8:15 p.m. | 27\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nxhci: Fix Panther point NULL pointer deref at full-speed re-enumeration  \n  \nre-enumerating full-speed devices after a failed address device command  \ncan trigger a NULL pointer dereference.  \n  \nFull-speed devices may need to reconfigure the endpoint 0 Max Packet Size  \nvalue during enumeration. Usb core calls usb_ep0_reinit() in this case,  \nwhich ends up calling xhci_configure_endpoint().  \n  \nOn Panther point xHC the xhci_configure_endpoint() function will  \nadditionally check and reserve bandwidth in software. Other hosts do  \nthis in hardware  \n  \nIf xHC address device command fails then a new xhci_virt_device structure  \nis allocated as part of re-enabling the slot, but the bandwidth table  \npointers are not set up properly here.  \nThis triggers the NULL pointer dereference the next time usb_ep0_reinit()  \nis called and xhci_configure_endpoint() tries to check and reserve  \nbandwidth  \n  \n[46710.713538] usb 3-1: new full-speed USB device number 5 using xhci_hcd  \n[46710.713699] usb 3-1: Device not responding to setup address.  \n[46710.917684] usb 3-1: Device not responding to setup address.  \n[46711.125536] usb 3-1: device not accepting address 5, error -71  \n[46711.125594] BUG: kernel NULL pointer dereference, address: 0000000000000008  \n[46711.125600] #PF: supervisor read access in kernel mode  \n[46711.125603] #PF: error_code(0x0000) - not-present page  \n[46711.125606] PGD 0 P4D 0  \n[46711.125610] Oops: Oops: 0000 [#1] PREEMPT SMP PTI  \n[46711.125615] CPU: 1 PID: 25760 Comm: kworker/1:2 Not tainted 6.10.3_2 #1  \n[46711.125620] Hardware name: Gigabyte Technology Co., Ltd.  \n[46711.125623] Workqueue: usb_hub_wq hub_event [usbcore]  \n[46711.125668] RIP: 0010:xhci_reserve_bandwidth (drivers/usb/host/xhci.c  \n  \nFix this by making sure bandwidth table pointers are set up correctly  \nafter a failed address device command, and additionally by avoiding  \nchecking for bandwidth in cases like this where no actual endpoints are  \nadded or removed, i.e. only context for default control endpoint 0 is  \nevaluated. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T22:47:25.000000Z"}]}