Off-by-one Error

CVE-2024-53149

Medium

4.6/10

Summary

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS. Correct the condition in the pmic_glink_ucsi_connector_status() callback, fixing Type-C orientation reporting for the third USB-C connector.

Attack Complexity: LOW
Attack Vector: PHYSICAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-193 - Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

References

Advisory Timeline

Published Dec 24, 2024

Off-by-one Error

CVE-2024-53149

Summary

CWE-193 - Off-by-one Error

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS