CVE-2024-40967

Summary

In the Linux kernel, the following vulnerability has been resolved:

serial: imx: Introduce timeout when waiting on transmitter empty

By waiting at most 1 second for USR2_TXDC to be set, we avoid a potential deadlock.

In case of the timeout, there is not much we can do, so we simply ignore the transmitter state and optimistically try to continue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9ec1882df244c4ee1baa692676fef5e8b0f5487d < 7f2b9ab6d0b26f16cd38dd9fd91d51899635f7c7affected
LinuxLinux9ec1882df244c4ee1baa692676fef5e8b0f5487d < 7f9e70c68b7ace0141fe3bc94bf7b61296b71916affected
LinuxLinux9ec1882df244c4ee1baa692676fef5e8b0f5487d < 982ae3376c4c91590d38dc8a676c10f7df048a44affected
LinuxLinux9ec1882df244c4ee1baa692676fef5e8b0f5487d < 53b2c95547427c358f45515a9f144efee95e3701affected
LinuxLinux9ec1882df244c4ee1baa692676fef5e8b0f5487d < e533e4c62e9993e62e947ae9bbec34e4c7ae81c2affected
LinuxLinuxc096552004244868391b29f319ea8889d55abe19affected
LinuxLinux86236252d2449313bdbac790023cbc957bf6e426affected
LinuxLinux34d4dda865d8174f4a437f313c457c42a8fa9535affected
LinuxLinux3.2.30 < 3.3affected
LinuxLinux3.4.12 < 3.5affected
LinuxLinux3.5.5 < 3.6affected
LinuxLinux3.6affected
LinuxLinux0 < 3.6unaffected
LinuxLinux5.15.162 <= 5.15.*unaffected
LinuxLinux6.1.96 <= 6.1.*unaffected
LinuxLinux6.6.36 <= 6.6.*unaffected
LinuxLinux6.9.7 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References