CVE-2024-38633
serial: max3100: Update uart_driver_registered on driver removal
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
serial: max3100: Update uart_driver_registered on driver removal
The removal of the last MAX3100 device triggers the removal of
the driver. However, code doesn't update the respective global
variable and after insmod — rmmod — insmod cycle the kernel
oopses:
max3100 spi-PRP0001:01: max3100_probe: adding port 0
BUG: kernel NULL pointer dereference, address: 0000000000000408
...
RIP: 0010:serial_core_register_port+0xa0/0x840
...
max3100_probe+0x1b6/0x280 [max3100]
spi_probe+0x8d/0xb0
Update the actual state so next time UART driver will be registered
again.
Hugo also noticed, that the error path in the probe also affected
by having the variable set, and not cleared. Instead of clearing it
move the assignment after the successfull uart_register_driver() call.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: max3100: actualización uart_driver_registered al eliminar el controlador La eliminación del último dispositivo MAX3100 desencadena la eliminación del controlador. Sin embargo, el código no actualiza la variable global respectiva y después del ciclo insmod — rmmod — insmod, el kernel falla: max3100 spi-PRP0001:01: max3100_probe: agregando el puerto 0 ERROR: desreferencia del puntero NULL del kernel, dirección: 0000000000000408... RIP: 0010:serial_core_register_port+0xa0/0x840 ... max3100_probe+0x1b6/0x280 [max3100] spi_probe+0x8d/0xb0 Actualice el estado actual para que la próxima vez el controlador UART se registre nuevamente. Hugo también notó que la ruta de error en la sonda también se veía afectada por tener la variable configurada y no borrada. En lugar de borrarlo, mueva la asignación después de la llamada exitosa a uart_register_driver().
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-06-18 CVE Reserved
- 2024-06-21 CVE Published
- 2024-08-02 CVE Updated
- 2024-09-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/7831d56b0a3544cbb6f82f76c34ca95e24d5b676 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.30 < 4.19.316 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 4.19.316" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.30 < 5.4.278 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.4.278" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.30 < 5.10.219 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.10.219" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.30 < 5.15.161 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.15.161" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.30 < 6.1.93 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.1.93" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.30 < 6.6.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.6.33" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.30 < 6.9.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.9.4" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.30 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 6.10" | en |
Affected
|