CVE-2024-53149

Advisory lineage Upstream: 0 Downstream: 11

Downstream

DEBIAN-CVE-2024-53149 SUSE-SU-2026:0447-1 SUSE-SU-2026:0471-1 SUSE-SU-2026:0472-1 SUSE-SU-2026:0587-1 SUSE-SU-2026:20477-1

Modified

Published: 24 Dec 2024, 11:28

Last modified:11 May 2026, 20:51

Vulnerability Summary

Overall Risk (default)

low

18/100

CVSS Score

4.6 MEDIUM

v3.1 (nvd)

EPSS Score

0.02% LOW

0% probability -0.05%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

24 Dec 2024, 11:28

Published

Vulnerability first disclosed

11 May 2026, 20:51

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS. Correct the condition in the pmic_glink_ucsi_connector_status() callback, fixing Type-C orientation reporting for the third USB-C connector.

CVSS Metrics

v3.1•MEDIUM•Score: 4.6CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.02%• Percentile: 7%

Techniques & Countermeasures

CWE-193•Off-by-one Error
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Affected Systems

linux•linux
≥ fd662c37a1087a2631cd2544138650b153e65f90, < 8a2273e5c1beb285729aa001422967b4711c53fe | ≥ 76716fd5bf09725c2c6825264147f16c21e56853, < 9a5a8b5bd72169aa7a8ec800ef57be2f2cb4d9b2 | ≥ 76716fd5bf09725c2c6825264147f16c21e56853, < 6ba6f7f29e0dff47a2799e60dcd1b5c29cd811a5 | ≥ 76716fd5bf09725c2c6825264147f16c21e56853, < 4a22918810980897393fa1776ea3877e4baf8cca | 6.10
linux•linux_kernel
≥ 6.10, < 6.11.11 | ≥ 6.12, < 6.12.2