7.8
CVE-2024-50267
- EPSS 0.28%
- Veröffentlicht 19.11.2024 02:16:28
- Zuletzt bearbeitet 03.11.2025 23:17:08
- CVE-Watchlists
- Unerledigt
USB: serial: io_edgeport: fix use after free in debug printk
In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb) is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid this issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.7 < 4.19.324
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.286
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.230
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.172
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.117
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.61
Linux ≫ Linux Kernel Version >= 6.7 < 6.11.8
Linux ≫ Linux Kernel Version6.12 Updaterc1
Linux ≫ Linux Kernel Version6.12 Updaterc2
Linux ≫ Linux Kernel Version6.12 Updaterc3
Linux ≫ Linux Kernel Version6.12 Updaterc4
Linux ≫ Linux Kernel Version6.12 Updaterc5
Linux ≫ Linux Kernel Version6.12 Updaterc6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.199 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/13d6ff3ca76056d06a9d88300be2a293442ff595
https://git.kernel.org/stable/c/275258c30bbda29467216e96fb655b16bcc9992b
https://git.kernel.org/stable/c/314bdf446053e123f37543aa535197ee75f8aa97
https://git.kernel.org/stable/c/37bb5628379295c1254c113a407cab03a0f4d0b4
https://git.kernel.org/stable/c/39709ce93f5c3f9eb535efe2afea088805d1128f
https://git.kernel.org/stable/c/44fff2c16c5aafbdb70c7183dae0a415ae74705e
https://git.kernel.org/stable/c/e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa
https://git.kernel.org/stable/c/e6ceb04eeb6115d872d4c4078d12f1170ed755ce
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html