CVE-2024-50267

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-50267
In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb) is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid this issue.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/13d6ff3ca76056d06a9d88300be2a293442ff595 Patch
https://git.kernel.org/stable/c/275258c30bbda29467216e96fb655b16bcc9992b Patch
https://git.kernel.org/stable/c/314bdf446053e123f37543aa535197ee75f8aa97 Patch
https://git.kernel.org/stable/c/37bb5628379295c1254c113a407cab03a0f4d0b4 Patch
https://git.kernel.org/stable/c/39709ce93f5c3f9eb535efe2afea088805d1128f Patch
https://git.kernel.org/stable/c/44fff2c16c5aafbdb70c7183dae0a415ae74705e Patch
https://git.kernel.org/stable/c/e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa Patch
https://git.kernel.org/stable/c/e6ceb04eeb6115d872d4c4078d12f1170ed755ce Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*
History

03 Nov 2025, 23:17

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html -

03 Nov 2025, 21:17

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html -
Information

Published : 2024-11-19 02:16

Updated : 2025-11-03 23:17

NVD link : CVE-2024-50267

Mitre link : CVE-2024-50267

CVE.ORG link : CVE-2024-50267

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free