CVE-2024-42244

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 07/08/2024
Last modified: 03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

USB: serial: mos7840: fix crash on resume

Since commit c49cfa917025 ("USB: serial: use generic method if no alternative is provided in usb serial layer"), USB serial core calls the generic resume implementation when the driver has not provided one.

This can trigger a crash on resume with mos7840 since support for multiple read URBs was added back in 2011. Specifically, both port read URBs are now submitted on resume for open ports, but the context pointer of the second URB is left set to the core rather than mos7840 port structure.

Fix this by implementing dedicated suspend and resume functions for mos7840.

Tested with Delock 87414 USB 2.0 to 4x serial adapter.

[ johan: analyse crash and rewrite commit message; set busy flag on resume; drop bulk-in check; drop unnecessary usb_kill_urb() ]

Vulnerable products and versions

CPE                                             From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    3.3 (including)    5.10.222 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.11 (including)   5.15.163 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.16 (including)   6.1.100 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.2 (including)    6.6.41 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.7 (including)    6.9.10 (excluding)