5.5

CVE-2024-40967

serial: imx: Introduce timeout when waiting on transmitter empty

In the Linux kernel, the following vulnerability has been resolved:

serial: imx: Introduce timeout when waiting on transmitter empty

By waiting at most 1 second for USR2_TXDC to be set, we avoid a potential
deadlock.

In case of the timeout, there is not much we can do, so we simply ignore
the transmitter state and optimistically try to continue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.15.162
LinuxLinux Kernel Version >= 5.16 < 6.1.96
LinuxLinux Kernel Version >= 6.2 < 6.6.36
LinuxLinux Kernel Version >= 6.7 < 6.9.7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.125
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/53b2c95547427c358f45515a9f144efee95e3701
Patch
https://git.kernel.org/stable/c/7f2b9ab6d0b26f16cd38dd9fd91d51899635f7c7
Patch
https://git.kernel.org/stable/c/7f9e70c68b7ace0141fe3bc94bf7b61296b71916
Patch
https://git.kernel.org/stable/c/982ae3376c4c91590d38dc8a676c10f7df048a44
Patch
https://git.kernel.org/stable/c/e533e4c62e9993e62e947ae9bbec34e4c7ae81c2
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html