In the Linux kernel, the following vulnerability has been resolved:
USB: serial: io_edgeport: fix use after free in debug printk
The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb)
is a use after free of the "urb" pointer. Store the "dev" pointer at the
start of the function to avoid this issue.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 19:27
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-416 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:* |
|
First Time |
Linux linux Kernel
Linux |
|
References | () https://git.kernel.org/stable/c/13d6ff3ca76056d06a9d88300be2a293442ff595 - Patch | |
References | () https://git.kernel.org/stable/c/275258c30bbda29467216e96fb655b16bcc9992b - Patch | |
References | () https://git.kernel.org/stable/c/314bdf446053e123f37543aa535197ee75f8aa97 - Patch | |
References | () https://git.kernel.org/stable/c/37bb5628379295c1254c113a407cab03a0f4d0b4 - Patch | |
References | () https://git.kernel.org/stable/c/39709ce93f5c3f9eb535efe2afea088805d1128f - Patch | |
References | () https://git.kernel.org/stable/c/44fff2c16c5aafbdb70c7183dae0a415ae74705e - Patch | |
References | () https://git.kernel.org/stable/c/e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa - Patch | |
References | () https://git.kernel.org/stable/c/e6ceb04eeb6115d872d4c4078d12f1170ed755ce - Patch |
19 Nov 2024, 21:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
19 Nov 2024, 02:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-19 02:16
Updated : 2024-11-21 19:27
NVD link : CVE-2024-50267
Mitre link : CVE-2024-50267
CVE.ORG link : CVE-2024-50267
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free