CVE-2024-50267

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-50267
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50267.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50267
Downstream
Related
Published
2024-11-19T01:30:03.929Z
Modified
2026-03-11T07:47:20.625437Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
USB: serial: io_edgeport: fix use after free in debug printk
Details

In the Linux kernel, the following vulnerability has been resolved:

USB: serial: io_edgeport: fix use after free in debug printk

The "devdbg(&urb->dev->dev, ..." which happens after usbfree_urb(urb) is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid this issue.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50267.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
984f68683298ba53af32f909de1f9452fbb37ccb
Fixed
e6ceb04eeb6115d872d4c4078d12f1170ed755ce
Fixed
39709ce93f5c3f9eb535efe2afea088805d1128f
Fixed
e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa
Fixed
44fff2c16c5aafbdb70c7183dae0a415ae74705e
Fixed
275258c30bbda29467216e96fb655b16bcc9992b
Fixed
13d6ff3ca76056d06a9d88300be2a293442ff595
Fixed
314bdf446053e123f37543aa535197ee75f8aa97
Fixed
37bb5628379295c1254c113a407cab03a0f4d0b4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50267.json"