CVE-2024-50058
Published: Oct 21, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the commit assumes, uport can be NULL in there. But right after that protection, there is an unprotected "uart_port_dtr_rts(uport, false);" call. That is invoked only if HUPCL is set, so I assume that is the reason why we do not see lots of these reports. Or it cannot be NULL at this point at all for some reason :P. Until the above is investigated, stay on the safe side and move this dereference to the if too. I got this inconsistency from Coverity under CID 1585130. Thanks.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected af224ca2df297440448b9d407d21b50982c6d532 - < 2fe399bb8efd0d325ab1138cf8e3ecf23a39e96daffected af224ca2df297440448b9d407d21b50982c6d532 - < 399927f0f875b93f3d5a0336d382ba48b8671eb2affected af224ca2df297440448b9d407d21b50982c6d532 - < d7b5876a6e74cdf8468a478be6b23f2f5464ac7aaffected af224ca2df297440448b9d407d21b50982c6d532 - < e418d91195d29d5f9c9685ff309b92b04b41dc40affected af224ca2df297440448b9d407d21b50982c6d532 - < 76ed24a34223bb2c6b6162e1d8389ec4e602a290+1 more versions |
Linux | Linux | affected 4.7unaffected 0 - < 4.7unaffected 5.10.229 - <= 5.10.*unaffected 5.15.170 - <= 5.15.*unaffected 6.1.115 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now