What is the severity of CVE-2024-56670?

CVE-2024-56670 has been classified with a severity that may lead to kernel crashes under certain conditions.

How do I fix CVE-2024-56670?

To fix CVE-2024-56670, upgrade the Linux kernel to a version that includes the patch for this vulnerability.

Which versions of Linux kernel are vulnerable to CVE-2024-56670?

CVE-2024-56670 affects multiple versions of the Linux kernel including versions between 2.6.27 and 5.4.288, 5.5 and 5.10.232, and others up to 6.13-rc2.

What causes CVE-2024-56670?

CVE-2024-56670 is caused by a null pointer dereference when the u_serial driver is accessed by multiple threads.

Is CVE-2024-56670 a local or remote vulnerability?

CVE-2024-56670 is primarily a local vulnerability that can be exploited by processes running on the affected machine.

Vulnerability/
CVE-2024-56670

medium

5.5

CWE

476

27/12/2024

20/1/2025

CVE-2024-56670: usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer

First published: Fri Dec 27 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer Considering that in some extreme cases, when u_serial driver is accessed by multiple threads, Thread A is executing the open operation and calling the gs_open, Thread B is executing the disconnect operation and calling the gserial_disconnect function,The port->port_usb pointer will be set to NULL. E.g. Thread A Thread B gs_open() gadget_unbind_driver() gs_start_io() composite_disconnect() gs_start_rx() gserial_disconnect() ... ... spin_unlock(&port->port_lock) status = usb_ep_queue() spin_lock(&port->port_lock) spin_lock(&port->port_lock) port->port_usb = NULL gs_free_requests(port->port_usb->in) spin_unlock(&port->port_lock) Crash This causes thread A to access a null pointer (port->port_usb is null) when calling the gs_free_requests function, causing a crash. If port_usb is NULL, the release request will be skipped as it will be done by gserial_disconnect. So add a null pointer check to gs_start_io before attempting to access the value of the pointer port->port_usb. Call trace: gs_start_io+0x164/0x25c gs_open+0x108/0x13c tty_open+0x314/0x638 chrdev_open+0x1b8/0x258 do_dentry_open+0x2c4/0x700 vfs_open+0x2c/0x3c path_openat+0xa64/0xc60 do_filp_open+0xb8/0x164 do_sys_openat2+0x84/0xf0 __arm64_sys_openat+0x70/0x9c invoke_syscall+0x58/0x114 el0_svc_common+0x80/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x38/0x68

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	>=2.6.27<5.4.288
Linux Kernel	>=5.5<5.10.232
Linux Kernel	>=5.11<5.15.175
Linux Kernel	>=5.16<6.1.121
Linux Kernel	>=6.2<6.6.67
Linux Kernel	>=6.7<6.12.6
Linux Kernel	=6.13-rc1
Linux Kernel	=6.13-rc2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-56670?
CVE-2024-56670 has been classified with a severity that may lead to kernel crashes under certain conditions.
How do I fix CVE-2024-56670?
To fix CVE-2024-56670, upgrade the Linux kernel to a version that includes the patch for this vulnerability.
Which versions of Linux kernel are vulnerable to CVE-2024-56670?
CVE-2024-56670 affects multiple versions of the Linux kernel including versions between 2.6.27 and 5.4.288, 5.5 and 5.10.232, and others up to 6.13-rc2.
What causes CVE-2024-56670?
CVE-2024-56670 is caused by a null pointer dereference when the u_serial driver is accessed by multiple threads.
Is CVE-2024-56670 a local or remote vulnerability?
CVE-2024-56670 is primarily a local vulnerability that can be exploited by processes running on the affected machine.

agent/references
agent/title
agent/type
agent/description
agent/first-publish-date
agent/author
agent/event
agent/severity
agent/weakness
agent/remedy
agent/softwarecombine
agent/source
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel
version/linux kernel/2.6.27
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.13-rc1
version/linux kernel/6.13-rc2

CVE-2024-56670: usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-56670?

How do I fix CVE-2024-56670?

Which versions of Linux kernel are vulnerable to CVE-2024-56670?

What causes CVE-2024-56670?

Is CVE-2024-56670 a local or remote vulnerability?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-56670?

How do I fix CVE-2024-56670?

Which versions of Linux kernel are vulnerable to CVE-2024-56670?

What causes CVE-2024-56670?

Is CVE-2024-56670 a local or remote vulnerability?