CVE-2024-43893
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
serial: core: check uartclk for zero to avoid divide by zero
Calling ioctl TIOCSSERIAL with an invalid baud_base can result in uartclk being zero, which will result in a divide by zero error in uart_get_divisor(). The check for uartclk being zero in uart_set_info() needs to be done before other settings are made as subsequent calls to ioctl TIOCSSERIAL for the same port would be impacted if the uartclk check was done where uartclk gets set.
Oops: divide error: 0000 PREEMPT SMP KASAN PTI RIP: 0010:uart_get_divisor (drivers/tty/serial/serial_core.c:580) Call Trace: <TASK> serial8250_get_divisor (drivers/tty/serial/8250/8250_port.c:2576 drivers/tty/serial/8250/8250_port.c:2589) serial8250_do_set_termios (drivers/tty/serial/8250/8250_port.c:502 drivers/tty/serial/8250/8250_port.c:2741) serial8250_set_termios (drivers/tty/serial/8250/8250_port.c:2862) uart_change_line_settings (./include/linux/spinlock.h:376 ./include/linux/serial_core.h:608 drivers/tty/serial/serial_core.c:222) uart_port_startup (drivers/tty/serial/serial_core.c:342) uart_startup (drivers/tty/serial/serial_core.c:368) uart_set_info (drivers/tty/serial/serial_core.c:1034) uart_set_info_user (drivers/tty/serial/serial_core.c:1059) tty_set_serial (drivers/tty/tty_io.c:2637) tty_ioctl (drivers/tty/tty_io.c:2647 drivers/tty/tty_io.c:2791) __x64_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:907 fs/ioctl.c:893 fs/ioctl.c:893) do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1)) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
Rule: add
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3bbd90fca824e6fd61fb20f6dd2b0fa5f8b14bba | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 55b2a5d331a6ceb1c4372945fdb77181265ba24f | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 52b138f1021113e593ee6ad258ce08fe90693a9e | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9196e42a3b8eeff1707e6ef769112b4b6096be49 | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < e13ba3fe5ee070f8a9dab60029d52b1f61da5051 | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < e3ad503876283ac3fcca922a1bf243ef9eb0b0e2 | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 68dc02f319b9ee54dc23caba742a5c754d1cccc8 | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6eabce6608d6f3440f4c03aa3d3ef50a47a3d193 | affected |
| Linux | Linux | 2.6.12 | affected |
| Linux | Linux | 0 < 2.6.12 | unaffected |
| Linux | Linux | 4.19.320 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.282 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.224 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.165 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.105 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.46 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.5 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
Additional References
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://cert-portal.siemens.com/productcert/html/ssa-613116.html
- https://cert-portal.siemens.com/productcert/html/ssa-355557.html
References
- https://git.kernel.org/stable/c/3bbd90fca824e6fd61fb20f6dd2b0fa5f8b14bba
- https://git.kernel.org/stable/c/55b2a5d331a6ceb1c4372945fdb77181265ba24f
- https://git.kernel.org/stable/c/52b138f1021113e593ee6ad258ce08fe90693a9e
- https://git.kernel.org/stable/c/9196e42a3b8eeff1707e6ef769112b4b6096be49
- https://git.kernel.org/stable/c/e13ba3fe5ee070f8a9dab60029d52b1f61da5051
- https://git.kernel.org/stable/c/e3ad503876283ac3fcca922a1bf243ef9eb0b0e2
- https://git.kernel.org/stable/c/68dc02f319b9ee54dc23caba742a5c754d1cccc8
- https://git.kernel.org/stable/c/6eabce6608d6f3440f4c03aa3d3ef50a47a3d193
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.