CVE-2024-50058
serial: protect uart_port_dtr_rts() in uart_shutdown() too
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
serial: protect uart_port_dtr_rts() in uart_shutdown() too
In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the commit assumes, uport can be NULL in there. But right after that protection, there is an unprotected "uart_port_dtr_rts(uport, false);" call. That is invoked only if HUPCL is set, so I assume that is the reason why we do not see lots of these reports. Or it cannot be NULL at this point at all for some reason :P. Until the above is investigated, stay on the safe side and move this dereference to the if too. I got this inconsistency from Coverity under CID 1585130. Thanks.
Reserved 2024-10-21 | Published 2024-10-21 | Updated 2024-12-19 | Assigner Linuxgit.kernel.org/...c/2fe399bb8efd0d325ab1138cf8e3ecf23a39e96d
git.kernel.org/...c/399927f0f875b93f3d5a0336d382ba48b8671eb2
git.kernel.org/...c/d7b5876a6e74cdf8468a478be6b23f2f5464ac7a
git.kernel.org/...c/e418d91195d29d5f9c9685ff309b92b04b41dc40
git.kernel.org/...c/76ed24a34223bb2c6b6162e1d8389ec4e602a290
git.kernel.org/...c/602babaa84d627923713acaf5f7e9a4369e77473
Support options
