CVE-2024-38634 – In the Linux kernel, the following vulnerability h

CVE ID : CVE-2024-38634

Published : June 21, 2024, 11:15 a.m. | 1 hour, 4 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

serial: max3100: Lock port->lock when calling uart_handle_cts_change()

uart_handle_cts_change() has to be called with port lock taken,
Since we run it in a separate work, the lock may not be taken at
the time of running. Make sure that it’s taken by explicitly doing
that. Without it we got a splat:

WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0

Workqueue: max3100-0 max3100_work [max3100]
RIP: 0010:uart_handle_cts_change+0xa6/0xb0

max3100_handlerx+0xc5/0x110 [max3100]
max3100_work+0x12a/0x340 [max3100]

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-38634

Published : June 21, 2024, 11:15 a.m. | 1 hour, 4 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

serial: max3100: Lock port->lock when calling uart_handle_cts_change()

uart_handle_cts_change() has to be called with port lock taken,
Since we run it in a separate work, the lock may not be taken at
the time of running. Make sure that it’s taken by explicitly doing
that. Without it we got a splat:

WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0

Workqueue: max3100-0 max3100_work [max3100]
RIP: 0010:uart_handle_cts_change+0xa6/0xb0

max3100_handlerx+0xc5/0x110 [max3100]
max3100_work+0x12a/0x340 [max3100]

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…