CVE-2024-50075: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50075 affects the Linux kernel's XHCI Tegra USB controller implementation. The vulnerability was discovered and disclosed in October 2024, specifically related to USB2 port handling when USB virtualization is enabled. The issue occurs because USB2 ports are shared between all Virtual Functions, and the USB2 port number owned by a USB2 root hub in a Virtual Function may be less than the total USB2 phy number supported by the Tegra XUSB controller (NVD).

The vulnerability stems from using the total USB2 phy number as a port number to check all PORTSC values, which can cause invalid memory access. This occurs in the tegraxusbenter_elpg function during runtime suspension. The issue was assigned a CVSS v3.1 Base Score of 5.5 MEDIUM with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can lead to invalid memory access and kernel paging request failures. The issue manifests during runtime suspension of the USB controller, potentially causing system crashes or denial of service conditions (NVD).

The issue has been fixed in the Linux kernel through a patch that modifies the port number checking logic. The fix changes the loop condition from using tegra->numusbphys to xhci->usb2rhub.numports, ensuring proper port number validation (Kernel Patch).