CVE-2024-43893

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-43893
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43893.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-43893
Downstream
Related
Published
2024-08-26T10:10:48.046Z
Modified
2025-11-28T02:34:59.017662Z
Summary
serial: core: check uartclk for zero to avoid divide by zero
Details

In the Linux kernel, the following vulnerability has been resolved:

serial: core: check uartclk for zero to avoid divide by zero

Calling ioctl TIOCSSERIAL with an invalid baud_base can result in uartclk being zero, which will result in a divide by zero error in uart_get_divisor(). The check for uartclk being zero in uart_set_info() needs to be done before other settings are made as subsequent calls to ioctl TIOCSSERIAL for the same port would be impacted if the uartclk check was done where uartclk gets set.

Oops: divide error: 0000 PREEMPT SMP KASAN PTI
RIP: 0010:uart_get_divisor (drivers/tty/serial/serial_core.c:580)
Call Trace:
 <TASK>
 serial8250_get_divisor (drivers/tty/serial/8250/8250_port.c:2576 drivers/tty/serial/8250/8250_port.c:2589)
 serial8250_do_set_termios (drivers/tty/serial/8250/8250_port.c:502 drivers/tty/serial/8250/8250_port.c:2741)
 serial8250_set_termios (drivers/tty/serial/8250/8250_port.c:2862)
 uart_change_line_settings (./include/linux/spinlock.h:376 ./include/linux/serial_core.h:608 drivers/tty/serial/serial_core.c:222)
 uart_port_startup (drivers/tty/serial/serial_core.c:342)
 uart_startup (drivers/tty/serial/serial_core.c:368)
 uart_set_info (drivers/tty/serial/serial_core.c:1034)
 uart_set_info_user (drivers/tty/serial/serial_core.c:1059)
 tty_set_serial (drivers/tty/tty_io.c:2637)
 tty_ioctl (drivers/tty/tty_io.c:2647 drivers/tty/tty_io.c:2791)
 __x64_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:907 fs/ioctl.c:893 fs/ioctl.c:893)
 do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))
 entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)

Rule: add
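
The ordering point in the description above, shown as an added user-space model (not kernel code and not part of the original record): a zero-clock check done where uartclk would be assigned rejects the request only after another setting has changed, while a check done first leaves the port untouched. The struct and function names and the relation uartclk = baud_base * 16 are assumptions of this model.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model; not the kernel's structures or code. */
struct port_model { uint32_t uartclk; uint32_t close_delay; };
/* Stands in for the settings passed with TIOCSSERIAL (names assumed). */
struct req_model { uint32_t baud_base; uint32_t close_delay; };

/* Model assumption: uartclk = baud_base * 16 in 32 bits, so both 0 and
 * 0x10000000 (the product wraps) yield a zero clock. */
static uint32_t derive_uartclk(const struct req_model *req)
{
    return req->baud_base * 16u;
}

/* Late check: validates where uartclk would be assigned, after another
 * setting has already been overwritten. */
int set_info_late_check(struct port_model *p, const struct req_model *req)
{
    p->close_delay = req->close_delay;
    if (derive_uartclk(req) == 0)
        return -EINVAL;   /* rejected, but the port is already modified */
    p->uartclk = derive_uartclk(req);
    return 0;
}

/* Early check: validates before any setting is made, so a rejected
 * request leaves the port unchanged for subsequent calls. */
int set_info_early_check(struct port_model *p, const struct req_model *req)
{
    uint32_t uartclk = derive_uartclk(req);

    if (uartclk == 0)
        return -EINVAL;
    p->close_delay = req->close_delay;
    p->uartclk = uartclk;
    return 0;
}

int main(void)
{
    struct port_model a = {1843200u, 50u}, b = a;   /* constructed values */
    struct req_model bad = {0u, 999u};
    int ra = set_info_late_check(&a, &bad), rb = set_info_early_check(&b, &bad);
    printf("late:  ret=%d close_delay=%u\n", ra, (unsigned)a.close_delay);
    printf("early: ret=%d close_delay=%u\n", rb, (unsigned)b.close_delay);
    return 0;
}
```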

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43893.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
3bbd90fca824e6fd61fb20f6dd2b0fa5f8b14bba
Fixed
55b2a5d331a6ceb1c4372945fdb77181265ba24f
Fixed
52b138f1021113e593ee6ad258ce08fe90693a9e
Fixed
9196e42a3b8eeff1707e6ef769112b4b6096be49
Fixed
e13ba3fe5ee070f8a9dab60029d52b1f61da5051
Fixed
e3ad503876283ac3fcca922a1bf243ef9eb0b0e2
Fixed
68dc02f319b9ee54dc23caba742a5c754d1cccc8
Fixed
6eabce6608d6f3440f4c03aa3d3ef50a47a3d193

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.19.320
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.282
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.224
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.165
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.105
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.46
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.5