CVE-2024-50268: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50268 is a vulnerability in the Linux kernel's USB Type-C subsystem, specifically in the ucsiccgupdatesetnewcamcmd() function. The vulnerability was discovered and disclosed on November 18, 2024, affecting multiple versions of the Linux kernel from 5.6 through 6.11.8 (NVD).

The vulnerability is an out-of-bounds read issue (CWE-125) in the USB Type-C subsystem. The '*cmd' variable, which can be controlled by users via debugfs, allows 'newcam' to reach values up to 255, while the size of the uc->updated[] array is limited to UCSIMAXALTMODES (30). The vulnerability occurs in the following call tree: ucsicmd() -> ucsisendcommand() -> ucsisendcommandcommon() -> ucsiruncommand() -> ucsiccgsynccontrol(). The CVSS v3.1 base score is 7.1 (HIGH) with vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

The vulnerability could allow an attacker with local access to cause a segmentation fault or system crash by triggering memory reads outside the bounds of the buffer (Red Hat).

The vulnerability has been patched in the Linux kernel. The fix involves adding a bounds check before accessing the array: 'if (newcam >= ARRAYSIZE(uc->updated)) return;'. Users should update their Linux kernel to the latest version that includes this security fix (Kernel Patch).