Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2024-43893
HistoryAug 26, 2024 - 11:15 a.m.

CVE-2024-43893

2024-08-2611:15:04
Google
osv.dev
linux kernel
vulnerability
cve-2024-43893
uartclk
serial core
divide by zero
ioctl
tiocsserial
uart_get_divisor
serial8250
set termios
startup
software

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:

serial: core: check uartclk for zero to avoid divide by zero

Calling ioctl TIOCSSERIAL with an invalid baud_base can
result in uartclk being zero, which will result in a
divide by zero error in uart_get_divisor(). The check for
uartclk being zero in uart_set_info() needs to be done
before other settings are made as subsequent calls to
ioctl TIOCSSERIAL for the same port would be impacted if
the uartclk check was done where uartclk gets set.

Oops: divide error: 0000 PREEMPT SMP KASAN PTI
RIP: 0010:uart_get_divisor (drivers/tty/serial/serial_core.c:580)
Call Trace:
<TASK>
serial8250_get_divisor (drivers/tty/serial/8250/8250_port.c:2576
drivers/tty/serial/8250/8250_port.c:2589)
serial8250_do_set_termios (drivers/tty/serial/8250/8250_port.c:502
drivers/tty/serial/8250/8250_port.c:2741)
serial8250_set_termios (drivers/tty/serial/8250/8250_port.c:2862)
uart_change_line_settings (./include/linux/spinlock.h:376
./include/linux/serial_core.h:608 drivers/tty/serial/serial_core.c:222)
uart_port_startup (drivers/tty/serial/serial_core.c:342)
uart_startup (drivers/tty/serial/serial_core.c:368)
uart_set_info (drivers/tty/serial/serial_core.c:1034)
uart_set_info_user (drivers/tty/serial/serial_core.c:1059)
tty_set_serial (drivers/tty/tty_io.c:2637)
tty_ioctl (drivers/tty/tty_io.c:2647 drivers/tty/tty_io.c:2791)
__x64_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:907
fs/ioctl.c:893 fs/ioctl.c:893)
do_syscall_64 (arch/x86/entry/common.c:52
(discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))
entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)

Rule: add

Related

vulnrichment 1
ubuntucve 1
debiancve 1
nvd 1
cve 1
redhatcve 1
cvelist 1
photon 1
nessus 8
openvas 1
osv 7
vulnrichment
vulnrichment
CVE-2024-43893 serial: core: check uartclk for zero to avoid divide by zero
2024-08-26 10:10:48
ubuntucve
ubuntucve
CVE-2024-43893
2024-08-26 00:00:00
debiancve
debiancve
CVE-2024-43893
2024-08-26 11:15:04
nvd
nvd
CVE-2024-43893
2024-08-26 11:15:04
cve
cve
CVE-2024-43893
2024-08-26 11:15:04
redhatcve
redhatcve
CVE-2024-43893
2024-08-27 15:10:42
cvelist
cvelist
CVE-2024-43893 serial: core: check uartclk for zero to avoid divide by zero
2024-08-26 10:10:48
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0677
2024-08-28 00:00:00
nessus
nessus
Photon OS 4.0: Linux PHSA-2024-4.0-0677
2024-09-06 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3252-1)
2024-09-17 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3189-1)
2024-09-11 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:3252-1)
2024-09-17 00:00:00
osv
osv
Security update for the Linux Kernel
2024-09-16 08:57:49
Security update for the Linux Kernel
2024-09-10 08:45:03
Security update for the Linux Kernel
2024-09-16 08:58:05

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

JSON
Related for OSV:CVE-2024-43893
vulnrichment1ubuntucve1debiancve1nvd1cve1redhatcve1cvelist1photon1nessus8openvas1osv7