Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2024-42244
HistoryAug 07, 2024 - 12:00 a.m.

CVE-2024-42244

2024-08-0700:00:00
ubuntu.com
ubuntu.com
5
kernel
usb
vulnerability
mos7840
patch
linux
driver

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.0%

JSON

In the Linux kernel, the following vulnerability has been resolved:
USB: serial: mos7840: fix crash on resume
Since commit c49cfa917025 (“USB: serial: use generic method if no
alternative is provided in usb serial layer”), USB serial core calls the
generic resume implementation when the driver has not provided one.
This can trigger a crash on resume with mos7840 since support for
multiple read URBs was added back in 2011. Specifically, both port read
URBs are now submitted on resume for open ports, but the context pointer
of the second URB is left set to the core rather than mos7840 port
structure.
Fix this by implementing dedicated suspend and resume functions for
mos7840.
Tested with Delock 87414 USB 2.0 to 4x serial adapter.
[ johan: analyse crash and rewrite commit message; set busy flag on
resume; drop bulk-in check; drop unnecessary usb_kill_urb() ]

Related

cbl_mariner 2
vulnrichment 1
cvelist 1
osv 12
cve 1
redhatcve 1
debiancve 1
nvd 1
nessus 13
openvas 5
oraclelinux 1
cbl_mariner
cbl_mariner
CVE-2024-42244 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
CVE-2024-42244 affecting package kernel for versions less than 5.15.164.1-1
2024-08-20 21:54:44
vulnrichment
vulnrichment
CVE-2024-42244 USB: serial: mos7840: fix crash on resume
2024-08-07 15:14:30
cvelist
cvelist
CVE-2024-42244 USB: serial: mos7840: fix crash on resume
2024-08-07 15:14:30
osv
osv
CVE-2024-42244
2024-08-07 16:15:47
linux - security update
2024-08-12 00:00:00
Security update for the Linux Kernel
2024-09-10 08:45:03
cve
cve
CVE-2024-42244
2024-08-07 16:15:47
redhatcve
redhatcve
CVE-2024-42244
2024-08-08 17:47:41
debiancve
debiancve
CVE-2024-42244
2024-08-07 16:15:47
nvd
nvd
CVE-2024-42244
2024-08-07 16:15:47
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2024-42244)
2024-08-22 00:00:00
Debian dsa-5747 : affs-modules-5.10.0-29-4kc-malta-di - security update
2024-08-12 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3189-1)
2024-09-11 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5747-1)
2024-08-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:3252-1)
2024-09-17 00:00:00
Ubuntu: Security Advisory (USN-7009-1)
2024-09-16 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-09-12 00:00:00

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.0%

JSON
Related for UB:CVE-2024-42244
cbl_mariner2vulnrichment1cvelist1osv12cve1redhatcve1debiancve1nvd1nessus13openvas5oraclelinux1