CVE-2024-50267

Updated: 2025-02-27 13:59:59.631558

Description:

In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb) is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid this issue.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Released CLSA-2025:1743193221 2025-03-29 03:45:55
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2025:1741624133 2025-03-26 03:27:29
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2025:1742471200 2025-03-21 03:30:49
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2025:1742469561 2025-03-21 03:30:50
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2025:1742472545 2025-03-21 03:30:48
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH Ignored 2025-05-23 00:27:20
Oracle Linux 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2025:1742322442 2025-03-18 23:41:06
RHEL 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2025:1750353839 2025-06-20 00:29:59
Ubuntu 16.04 ELS linux 4.4.0 7.8 HIGH Released CLSA-2025:1742319829 2025-03-18 23:41:35
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.8 HIGH Released CLSA-2025:1742321198 2025-03-18 23:41:53
Total: 11