Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2024-43893

Severity CVSS v4.0:
Pending analysis
Type:
CWE-369 Divide By Zero
Publication date:
26/08/2024
Last modified:
03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> serial: core: check uartclk for zero to avoid divide by zero<br /> <br /> Calling ioctl TIOCSSERIAL with an invalid baud_base can<br /> result in uartclk being zero, which will result in a<br /> divide by zero error in uart_get_divisor(). The check for<br /> uartclk being zero in uart_set_info() needs to be done<br /> before other settings are made as subsequent calls to<br /> ioctl TIOCSSERIAL for the same port would be impacted if<br /> the uartclk check was done where uartclk gets set.<br /> <br /> Oops: divide error: 0000 PREEMPT SMP KASAN PTI<br /> RIP: 0010:uart_get_divisor (drivers/tty/serial/serial_core.c:580)<br /> Call Trace:<br /> <br /> serial8250_get_divisor (drivers/tty/serial/8250/8250_port.c:2576<br /> drivers/tty/serial/8250/8250_port.c:2589)<br /> serial8250_do_set_termios (drivers/tty/serial/8250/8250_port.c:502<br /> drivers/tty/serial/8250/8250_port.c:2741)<br /> serial8250_set_termios (drivers/tty/serial/8250/8250_port.c:2862)<br /> uart_change_line_settings (./include/linux/spinlock.h:376<br /> ./include/linux/serial_core.h:608 drivers/tty/serial/serial_core.c:222)<br /> uart_port_startup (drivers/tty/serial/serial_core.c:342)<br /> uart_startup (drivers/tty/serial/serial_core.c:368)<br /> uart_set_info (drivers/tty/serial/serial_core.c:1034)<br /> uart_set_info_user (drivers/tty/serial/serial_core.c:1059)<br /> tty_set_serial (drivers/tty/tty_io.c:2637)<br /> tty_ioctl (drivers/tty/tty_io.c:2647 drivers/tty/tty_io.c:2791)<br /> __x64_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:907<br /> fs/ioctl.c:893 fs/ioctl.c:893)<br /> do_syscall_64 (arch/x86/entry/common.c:52<br /> (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))<br /> entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)<br /> <br /> Rule: add

Impact

Vector 3.x
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.50 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x
5.50
Severity 3.x
MEDIUM

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.19.320 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.20 (including) 5.4.282 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.5 (including) 5.10.224 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.11 (including) 5.15.165 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 (including) 6.1.105 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (including) 6.6.46 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.10.5 (excluding)
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*

To consult the complete list of CPE names with products and versions, see this page


References to Advisories, Solutions, and Tools