Commit dfd4779
CKI Backport Bot
serial: protect uart_port_dtr_rts() in uart_shutdown() too
JIRA: https://issues.redhat.com/browse/RHEL-63838
CVE: CVE-2024-50058
commit 602baba
Author: Jiri Slaby (SUSE) <jirislaby@kernel.org>
Date: Mon Aug 5 12:20:35 2024 +0200
serial: protect uart_port_dtr_rts() in uart_shutdown() too
Commit af224ca (serial: core: Prevent unsafe uart port access, part
3) added few uport == NULL checks. It added one to uart_shutdown(), so
the commit assumes, uport can be NULL in there. But right after that
protection, there is an unprotected "uart_port_dtr_rts(uport, false);"
call. That is invoked only if HUPCL is set, so I assume that is the
reason why we do not see lots of these reports.
Or it cannot be NULL at this point at all for some reason :P.
Until the above is investigated, stay on the safe side and move this
dereference to the if too.
I got this inconsistency from Coverity under CID 1585130. Thanks.
Signed-off-by: Jiri Slaby (SUSE) <jirislaby@kernel.org>
Cc: Peter Hurley <peter@hurleysoftware.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Link: https://lore.kernel.org/r/20240805102046.307511-3-jirislaby@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: CKI Backport Bot <cki-ci-bot+cki-gitlab-backport-bot@redhat.com>1 parent 181997d commit dfd4779
1 file changed
+9
-7
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
374 | 374 | | |
375 | 375 | | |
376 | 376 | | |
377 | | - | |
378 | | - | |
379 | | - | |
380 | | - | |
381 | | - | |
| 377 | + | |
| 378 | + | |
| 379 | + | |
| 380 | + | |
| 381 | + | |
| 382 | + | |
382 | 383 | | |
383 | | - | |
384 | | - | |
| 384 | + | |
| 385 | + | |
| 386 | + | |
385 | 387 | | |
386 | 388 | | |
387 | 389 | | |
| |||
0 commit comments