Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-43893— serial: core: check uartclk for zero to avoid divide by zero

EPSS 0.01% · P2

Affected Version Matrix 18

VendorProductVersion RangeStatus
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 3bbd90fca824e6fd61fb20f6dd2b0fa5f8b14bbaaffected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 55b2a5d331a6ceb1c4372945fdb77181265ba24faffected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 52b138f1021113e593ee6ad258ce08fe90693a9eaffected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 9196e42a3b8eeff1707e6ef769112b4b6096be49affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< e13ba3fe5ee070f8a9dab60029d52b1f61da5051affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< e3ad503876283ac3fcca922a1bf243ef9eb0b0e2affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 68dc02f319b9ee54dc23caba742a5c754d1cccc8affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 6eabce6608d6f3440f4c03aa3d3ef50a47a3d193affected
… +10 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-43893

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
serial: core: check uartclk for zero to avoid divide by zero
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baud_base can result in uartclk being zero, which will result in a divide by zero error in uart_get_divisor(). The check for uartclk being zero in uart_set_info() needs to be done before other settings are made as subsequent calls to ioctl TIOCSSERIAL for the same port would be impacted if the uartclk check was done where uartclk gets set. Oops: divide error: 0000 PREEMPT SMP KASAN PTI RIP: 0010:uart_get_divisor (drivers/tty/serial/serial_core.c:580) Call Trace: <TASK> serial8250_get_divisor (drivers/tty/serial/8250/8250_port.c:2576 drivers/tty/serial/8250/8250_port.c:2589) serial8250_do_set_termios (drivers/tty/serial/8250/8250_port.c:502 drivers/tty/serial/8250/8250_port.c:2741) serial8250_set_termios (drivers/tty/serial/8250/8250_port.c:2862) uart_change_line_settings (./include/linux/spinlock.h:376 ./include/linux/serial_core.h:608 drivers/tty/serial/serial_core.c:222) uart_port_startup (drivers/tty/serial/serial_core.c:342) uart_startup (drivers/tty/serial/serial_core.c:368) uart_set_info (drivers/tty/serial/serial_core.c:1034) uart_set_info_user (drivers/tty/serial/serial_core.c:1059) tty_set_serial (drivers/tty/tty_io.c:2637) tty_ioctl (drivers/tty/tty_io.c:2647 drivers/tty/tty_io.c:2791) __x64_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:907 fs/ioctl.c:893 fs/ioctl.c:893) do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1)) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Rule: add
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于在uart_get_divisor函数中存在除以零的问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 ~ 3bbd90fca824e6fd61fb20f6dd2b0fa5f8b14bba -
LinuxLinux 2.6.12 -

II. Public POCs for CVE-2024-43893

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-43893

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-08-26 · 39 CVEs total

CVE-2024-44934net: bridge: mcast: wait for previous gc cycles when removing port
CVE-2024-43909drm/amdgpu/pm: Fix the null pointer dereference for smu7
CVE-2024-43910bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses
CVE-2024-43911wifi: mac80211: fix NULL dereference at band check in starting tx ba session
CVE-2024-43912wifi: nl80211: disallow setting special AP channel widths
CVE-2024-43913nvme: apple: fix device reference counting
CVE-2024-43914md/raid5: avoid BUG_ON() while continue reshape after reassembling
CVE-2024-44931gpio: prevent potential speculation leaks in gpio_device_get_desc()
CVE-2024-44932idpf: fix UAFs when destroying the queues
CVE-2024-44933bnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl()
CVE-2024-43908drm/amdgpu: Fix the null pointer dereference to ras_manager
CVE-2024-44935sctp: Fix null-ptr-deref in reuseport_add_sock().
CVE-2024-44936power: supply: rt5033: Bring back i2c_set_clientdata
CVE-2024-44937platform/x86: intel-vbtn: Protect ACPI notify handler against recursion
CVE-2024-44938jfs: Fix shift-out-of-bounds in dbDiscardAG
CVE-2024-44939jfs: fix null ptr deref in dtInsertEntry
CVE-2024-44940fou: remove warn in gue_gro_receive on unsupported protocol
CVE-2024-44941f2fs: fix to cover read extent cache access with lock
CVE-2024-44942f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC
CVE-2024-43897net: drop bad gso csum_start and offset in virtio_net_hdr

Showing top 20 of 39 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2024-43893

No comments yet

Leave a comment