THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-27000

serial: mxs-auart: add spinlock around changing cts state

Reserved:2024-02-19
Published:2024-05-01
Updated:2024-05-13

Description

In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded on an i.MX28 board. [ 85.119255] ------------[ cut here ]------------ [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1 [ 85.151396] Hardware name: Freescale MXS (Device Tree) [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth] (...) [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4 [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210 (...)

Product status

Default status
unaffected

4d90bb147ef6 before 56434e295bd4
affected

4d90bb147ef6 before 21535ef0ac19
affected

4d90bb147ef6 before 0dc0637e6b16
affected

4d90bb147ef6 before 479244d68f5d
affected

4d90bb147ef6 before 2c9b943e9924
affected

4d90bb147ef6 before 5f40fd6ca2cf
affected

4d90bb147ef6 before 94b0e65c75f4
affected

4d90bb147ef6 before 54c4ec5f8c47
affected

Default status
affected

3.18
affected

Any version before 3.18
unaffected

4.19.313
unaffected

5.4.275
unaffected

5.10.216
unaffected

5.15.158
unaffected

6.1.88
unaffected

6.6.29
unaffected

6.8.8
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad

https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a

https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37

https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495

https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270

https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37

https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86

https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026

cve.org CVE-2024-27000

nvd.nist.gov CVE-2024-27000

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-27000