CVE-2024-27000 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37
https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a
https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270
https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495
https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026
https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad
https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37
https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/2024050146-CVE-2024-27000-c789@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-27000
https://www.cve.org/CVERecord?id=CVE-2024-27000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Weaknesses		CWE-362 CWE-820

Show plain JSON

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-27000", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.207Z", "datePublished": "2024-05-01T05:28:35.749Z", "dateUpdated": "2025-05-04T09:01:51.767Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:01:51.767Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mxs-auart: add spinlock around changing cts state\n\nThe uart_handle_cts_change() function in serial_core expects the caller\nto hold uport->lock. For example, I have seen the below kernel splat,\nwhen the Bluetooth driver is loaded on an i.MX28 board.\n\n    [   85.119255] ------------[ cut here ]------------\n    [   85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec\n    [   85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs\n    [   85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1\n    [   85.151396] Hardware name: Freescale MXS (Device Tree)\n    [   85.156679] Workqueue: hci0 hci_power_on [bluetooth]\n    (...)\n    [   85.191765]  uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4\n    [   85.198787]  mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210\n    (...)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/tty/serial/mxs-auart.c"], "versions": [{"version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "56434e295bd446142025913bfdf1587f5e1970ad", "status": "affected", "versionType": "git"}, {"version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "21535ef0ac1945080198fe3e4347ea498205c99a", "status": "affected", "versionType": "git"}, {"version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "0dc0637e6b16158af85945425821bfd0151adb37", "status": "affected", "versionType": "git"}, {"version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "479244d68f5d94f3903eced52b093c1e01ddb495", "status": "affected", "versionType": "git"}, {"version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "2c9b943e9924cf1269e44289bc5e60e51b0f5270", "status": "affected", "versionType": "git"}, {"version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37", "status": "affected", "versionType": "git"}, {"version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "94b0e65c75f4af888ab2dd6c90f060f762924e86", "status": "affected", "versionType": "git"}, {"version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "54c4ec5f8c471b7c1137a1f769648549c423c026", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/tty/serial/mxs-auart.c"], "versions": [{"version": "3.18", "status": "affected"}, {"version": "0", "lessThan": "3.18", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.313", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.275", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.216", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.158", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.88", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.29", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.8", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "4.19.313"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "5.4.275"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "5.10.216"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "5.15.158"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "6.1.88"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "6.6.29"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "6.8.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad"}, {"url": "https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a"}, {"url": "https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37"}, {"url": "https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495"}, {"url": "https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270"}, {"url": "https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37"}, {"url": "https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86"}, {"url": "https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026"}], "title": "serial: mxs-auart: add spinlock around changing cts state", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27000", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-28T17:46:24.840669Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:47:26.528Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.866Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

cveMetadata : { »

cveId : CVE-2024-27000 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-02-19T14:20:24.207Z (string)

datePublished : 2024-05-01T05:28:35.749Z (string)

dateUpdated : 2025-05-04T09:01:51.767Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T09:01:51.767Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded on an i.MX28 board. [ 85.119255] ------------[ cut here ]------------ [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1 [ 85.151396] Hardware name: Freescale MXS (Device Tree) [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth] (...) [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4 [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210 (...) (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/tty/serial/mxs-auart.c (string)

]

versions : [ »

0 : { »

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 56434e295bd446142025913bfdf1587f5e1970ad (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 21535ef0ac1945080198fe3e4347ea498205c99a (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 0dc0637e6b16158af85945425821bfd0151adb37 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 479244d68f5d94f3903eced52b093c1e01ddb495 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 2c9b943e9924cf1269e44289bc5e60e51b0f5270 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 94b0e65c75f4af888ab2dd6c90f060f762924e86 (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 54c4ec5f8c471b7c1137a1f769648549c423c026 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/tty/serial/mxs-auart.c (string)

]

versions : [ »

0 : { »

version : 3.18 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 3.18 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.19.313 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.4.275 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.10.216 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 5.15.158 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 6.1.88 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.6.29 (string)

lessThanOrEqual : 6.6.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 6.8.8 (string)

lessThanOrEqual : 6.8.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 6.9 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.18 (string)

versionEndExcluding : 4.19.313 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.18 (string)

versionEndExcluding : 5.4.275 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.18 (string)

versionEndExcluding : 5.10.216 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.18 (string)

versionEndExcluding : 5.15.158 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.18 (string)

versionEndExcluding : 6.1.88 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.18 (string)

versionEndExcluding : 6.6.29 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.18 (string)

versionEndExcluding : 6.8.8 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.18 (string)

versionEndExcluding : 6.9 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad (string)

}

1 : { »

url : https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a (string)

}

2 : { »

url : https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026 (string)

}

]

title : serial: mxs-auart: add spinlock around changing cts state (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-27000 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-28T17:46:24.840669Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-04T17:47:26.528Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T00:21:05.866Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026 (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.866Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27000", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-28T17:46:24.840669Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-28T17:46:31.215Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "serial: mxs-auart: add spinlock around changing cts state", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "56434e295bd446142025913bfdf1587f5e1970ad", "versionType": "git"}, {"status": "affected", "version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "21535ef0ac1945080198fe3e4347ea498205c99a", "versionType": "git"}, {"status": "affected", "version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "0dc0637e6b16158af85945425821bfd0151adb37", "versionType": "git"}, {"status": "affected", "version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "479244d68f5d94f3903eced52b093c1e01ddb495", "versionType": "git"}, {"status": "affected", "version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "2c9b943e9924cf1269e44289bc5e60e51b0f5270", "versionType": "git"}, {"status": "affected", "version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37", "versionType": "git"}, {"status": "affected", "version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "94b0e65c75f4af888ab2dd6c90f060f762924e86", "versionType": "git"}, {"status": "affected", "version": "4d90bb147ef6b91f529a21b498ff2b5fdc6785b4", "lessThan": "54c4ec5f8c471b7c1137a1f769648549c423c026", "versionType": "git"}], "programFiles": ["drivers/tty/serial/mxs-auart.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.18"}, {"status": "unaffected", "version": "0", "lessThan": "3.18", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.313", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.275", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.216", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.158", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.88", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.29", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.8", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/tty/serial/mxs-auart.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad"}, {"url": "https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a"}, {"url": "https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37"}, {"url": "https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495"}, {"url": "https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270"}, {"url": "https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37"}, {"url": "https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86"}, {"url": "https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mxs-auart: add spinlock around changing cts state\n\nThe uart_handle_cts_change() function in serial_core expects the caller\nto hold uport->lock. For example, I have seen the below kernel splat,\nwhen the Bluetooth driver is loaded on an i.MX28 board.\n\n    [   85.119255] ------------[ cut here ]------------\n    [   85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec\n    [   85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs\n    [   85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1\n    [   85.151396] Hardware name: Freescale MXS (Device Tree)\n    [   85.156679] Workqueue: hci0 hci_power_on [bluetooth]\n    (...)\n    [   85.191765]  uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4\n    [   85.198787]  mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210\n    (...)"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.313", "versionStartIncluding": "3.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.275", "versionStartIncluding": "3.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.216", "versionStartIncluding": "3.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.158", "versionStartIncluding": "3.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.88", "versionStartIncluding": "3.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.29", "versionStartIncluding": "3.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.8", "versionStartIncluding": "3.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9", "versionStartIncluding": "3.18"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:01:51.767Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27000", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:01:51.767Z", "dateReserved": "2024-02-19T14:20:24.207Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-01T05:28:35.749Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026 (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T00:21:05.866Z (string)

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-27000 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-28T17:46:24.840669Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-05-28T17:46:31.215Z (string)

}

title : CISA ADP Vulnrichment (string)

}

]

cna : { »

title : serial: mxs-auart: add spinlock around changing cts state (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 56434e295bd446142025913bfdf1587f5e1970ad (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 21535ef0ac1945080198fe3e4347ea498205c99a (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 0dc0637e6b16158af85945425821bfd0151adb37 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 479244d68f5d94f3903eced52b093c1e01ddb495 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 2c9b943e9924cf1269e44289bc5e60e51b0f5270 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 94b0e65c75f4af888ab2dd6c90f060f762924e86 (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 4d90bb147ef6b91f529a21b498ff2b5fdc6785b4 (string)

lessThan : 54c4ec5f8c471b7c1137a1f769648549c423c026 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : drivers/tty/serial/mxs-auart.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 3.18 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 3.18 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.19.313 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

3 : { »

status : unaffected (string)

version : 5.4.275 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

4 : { »

status : unaffected (string)

version : 5.10.216 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

5 : { »

status : unaffected (string)

version : 5.15.158 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

6 : { »

status : unaffected (string)

version : 6.1.88 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

7 : { »

status : unaffected (string)

version : 6.6.29 (string)

versionType : semver (string)

lessThanOrEqual : 6.6.* (string)

}

8 : { »

status : unaffected (string)

version : 6.8.8 (string)

versionType : semver (string)

lessThanOrEqual : 6.8.* (string)

}

9 : { »

status : unaffected (string)

version : 6.9 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : drivers/tty/serial/mxs-auart.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad (string)

}

1 : { »

url : https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a (string)

}

2 : { »

url : https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded on an i.MX28 board. [ 85.119255] ------------[ cut here ]------------ [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1 [ 85.151396] Hardware name: Freescale MXS (Device Tree) [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth] (...) [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4 [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210 (...) (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.313 (string)

versionStartIncluding : 3.18 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.275 (string)

versionStartIncluding : 3.18 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.216 (string)

versionStartIncluding : 3.18 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.158 (string)

versionStartIncluding : 3.18 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.1.88 (string)

versionStartIncluding : 3.18 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.6.29 (string)

versionStartIncluding : 3.18 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.8.8 (string)

versionStartIncluding : 3.18 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.9 (string)

versionStartIncluding : 3.18 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T09:01:51.767Z (string)

}

cveMetadata : { »

cveId : CVE-2024-27000 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T09:01:51.767Z (string)

dateReserved : 2024-02-19T14:20:24.207Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-01T05:28:35.749Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mxs-auart: add spinlock around changing cts state\n\nThe uart_handle_cts_change() function in serial_core expects the caller\nto hold uport->lock. For example, I have seen the below kernel splat,\nwhen the Bluetooth driver is loaded on an i.MX28 board.\n\n    [   85.119255] ------------[ cut here ]------------\n    [   85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec\n    [   85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs\n    [   85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1\n    [   85.151396] Hardware name: Freescale MXS (Device Tree)\n    [   85.156679] Workqueue: hci0 hci_power_on [bluetooth]\n    (...)\n    [   85.191765]  uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4\n    [   85.198787]  mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210\n    (...)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: mxs-auart: agrega spinlock para cambiar el estado de cts. La funci\u00f3n uart_handle_cts_change() en serial_core espera que la persona que llama mantenga uport-&gt;lock. Por ejemplo, he visto el siguiente s\u00edmbolo del kernel, cuando el controlador Bluetooth est\u00e1 cargado en una placa i.MX28. [85.119255] ------------[ cortar aqu\u00ed ]------------ [ 85.124413] ADVERTENCIA: CPU: 0 PID: 27 en /drivers/tty/serial/ serial_core.c:3453 uart_handle_cts_change+0xb4/0xec [85.134694] M\u00f3dulos vinculados en: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs [85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 No contaminado 6.6.3-00021-gd6 2a2f068f92 #1 [85.151396] Nombre de hardware: Freescale MXS (\u00e1rbol de dispositivos) [85.156679] Cola de trabajo: hci0 hci_power_on [bluetooth] (...) [85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4 [ 85.198787] q_handle de __handle_irq_event_percpu+0x88/0x210 (.. .)"}], "id": "CVE-2024-27000", "lastModified": "2024-11-21T09:03:35.457", "metrics": {}, "published": "2024-05-01T06:15:18.140", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded on an i.MX28 board. [ 85.119255] ------------[ cut here ]------------ [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1 [ 85.151396] Hardware name: Freescale MXS (Device Tree) [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth] (...) [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4 [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210 (...) (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: mxs-auart: agrega spinlock para cambiar el estado de cts. La función uart_handle_cts_change() en serial_core espera que la persona que llama mantenga uport->lock. Por ejemplo, he visto el siguiente símbolo del kernel, cuando el controlador Bluetooth está cargado en una placa i.MX28. [85.119255] ------------[ cortar aquí ]------------ [ 85.124413] ADVERTENCIA: CPU: 0 PID: 27 en /drivers/tty/serial/ serial_core.c:3453 uart_handle_cts_change+0xb4/0xec [85.134694] Módulos vinculados en: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs [85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 No contaminado 6.6.3-00021-gd6 2a2f068f92 #1 [85.151396] Nombre de hardware: Freescale MXS (árbol de dispositivos) [85.156679] Cola de trabajo: hci0 hci_power_on [bluetooth] (...) [85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4 [ 85.198787] q_handle de __handle_irq_event_percpu+0x88/0x210 (.. .) (string)

}

]

id : CVE-2024-27000 (string)

lastModified : 2024-11-21T09:03:35.457 (string)

metrics : { *empty* }

published : 2024-05-01T06:15:18.140 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37 (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Awaiting Analysis (string)

}

Show plain JSON

{"bugzilla": {"description": "kernel: serial: mxs-auart: add spinlock around changing cts state", "id": "2278299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278299"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-820->CWE-362", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nserial: mxs-auart: add spinlock around changing cts state\nThe uart_handle_cts_change() function in serial_core expects the caller\nto hold uport->lock. For example, I have seen the below kernel splat,\nwhen the Bluetooth driver is loaded on an i.MX28 board.\n[   85.119255] ------------[ cut here ]------------\n[   85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec\n[   85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs\n[   85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1\n[   85.151396] Hardware name: Freescale MXS (Device Tree)\n[   85.156679] Workqueue: hci0 hci_power_on [bluetooth]\n(...)\n[   85.191765]  uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4\n[   85.198787]  mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210\n(...)", "A flaw was found in the mxs-auart module in the Linux kernel. A race condition can occur when changing the cts state due to a missing lock, potentially impacting system stability and possibly resulting in a denial of service."], "name": "CVE-2024-27000", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27000\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27000\nhttps://lore.kernel.org/linux-cve-announce/2024050146-CVE-2024-27000-c789@gregkh/T"], "statement": "The mxs-auart module is not built in the kernel shipped in Red Hat Enterprise Linux 8 and 9, so it is not affected by this vulnerability.", "threat_severity": "Moderate"}

{

bugzilla : { »

description : kernel: serial: mxs-auart: add spinlock around changing cts state (string)

id : 2278299 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2278299 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 5.5 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

status : draft (string)

}

cwe : CWE-820->CWE-362 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded on an i.MX28 board. [ 85.119255] ------------[ cut here ]------------ [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1 [ 85.151396] Hardware name: Freescale MXS (Device Tree) [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth] (...) [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4 [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210 (...) (string)

1 : A flaw was found in the mxs-auart module in the Linux kernel. A race condition can occur when changing the cts state due to a missing lock, potentially impacting system stability and possibly resulting in a denial of service. (string)

]

name : CVE-2024-27000 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-01T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2024-27000 https://nvd.nist.gov/vuln/detail/CVE-2024-27000 https://lore.kernel.org/linux-cve-announce/2024050146-CVE-2024-27000-c789@gregkh/T (string)

]

statement : The mxs-auart module is not built in the kernel shipped in Red Hat Enterprise Linux 8 and 9, so it is not affected by this vulnerability. (string)

threat_severity : Moderate (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object