NVD Vulnerability Detail

CVE-2024-42244

Summary	In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 ("USB: serial: use generic method if no alternative is provided in usb serial layer"), USB serial core calls the generic resume implementation when the driver has not provided one. This can trigger a crash on resume with mos7840 since support for multiple read URBs was added back in 2011. Specifically, both port read URBs are now submitted on resume for open ports, but the context pointer of the second URB is left set to the core rather than mos7840 port structure. Fix this by implementing dedicated suspend and resume functions for mos7840. Tested with Delock 87414 USB 2.0 to 4x serial adapter. [ johan: analyse crash and rewrite commit message; set busy flag on resume; drop bulk-in check; drop unnecessary usb_kill_urb() ]
Publication Date	Aug. 8, 2024, 1:15 a.m.
Registration Date	Aug. 8, 2024, 5 a.m.
Last Update	Aug. 8, 2024, 11:53 p.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	https://git.kernel.org/stable/c/932a86a711c722b45ed47ba2103adca34d225b33	Patch
2	https://git.kernel.org/stable/c/b14aa5673e0a8077ff4b74f0bb260735e7d5e6a4	Patch
3	https://git.kernel.org/stable/c/1094ed500987e67a9d18b0f95e1812f1cc720856	Patch
4	https://git.kernel.org/stable/c/5ae6a64f18211851c8df6b4221381c438b9a7348	Patch
5	https://git.kernel.org/stable/c/553e67dec846323b5575e78a776cf594c13f98c4	Patch
6	https://git.kernel.org/stable/c/c15a688e49987385baa8804bf65d570e362f8576	Patch

Common Vulnerabilities List

JVN Vulnerability Information

Linux の Linux Kernel における脆弱性

Title	Linux の Linux Kernel における脆弱性
Summary	Linux の Linux Kernel には、不特定の脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	July 9, 2024, midnight
Registration Date	Aug. 14, 2024, 1:44 p.m.
Last Update	Sept. 2, 2025, 11:15 a.m.

Affected System

Linux

Linux Kernel 3.3 以上 5.10.222 未満

Linux Kernel 5.11 以上 5.15.163 未満

Linux Kernel 5.16 以上 6.1.100 未満

Linux Kernel 6.2 以上 6.6.41 未満

Linux Kernel 6.7 以上 6.9.10 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-42244	https://www.cve.org/CVERecord?id=CVE-2024-42244
National Vulnerability Database (NVD)
2	CVE-2024-42244	https://nvd.nist.gov/vuln/detail/CVE-2024-42244

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/scap/cwe.html

ベンダー情報

No	Name	URL
Kernel.org git repositories
1	USB: serial: mos7840: fix crash on resume (1094ed5)	https://git.kernel.org/stable/c/1094ed500987e67a9d18b0f95e1812f1cc720856
2	USB: serial: mos7840: fix crash on resume (553e67d)	https://git.kernel.org/stable/c/553e67dec846323b5575e78a776cf594c13f98c4
3	USB: serial: mos7840: fix crash on resume (5ae6a64)	https://git.kernel.org/stable/c/5ae6a64f18211851c8df6b4221381c438b9a7348
4	USB: serial: mos7840: fix crash on resume (932a86a)	https://git.kernel.org/stable/c/932a86a711c722b45ed47ba2103adca34d225b33
5	USB: serial: mos7840: fix crash on resume (b14aa56)	https://git.kernel.org/stable/c/b14aa5673e0a8077ff4b74f0bb260735e7d5e6a4
6	USB: serial: mos7840: fix crash on resume (c15a688)	https://git.kernel.org/stable/c/c15a688e49987385baa8804bf65d570e362f8576
Linux Kernel
7	Linux Kernel Archives	https://www.kernel.org

その他

No	Name	URL
ICS-CERT ADVISORY
1	ICSA-25-226-07	https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07
JVN
2	JVNVU#92169998	https://jvn.jp/vu/JVNVU92169998/index.html

Change Log

No	Changed Details	Date of change
1	[2024年08月14日] 掲載	Aug. 14, 2024, 11:36 a.m.
2	[2025年08月18日] 参考情報：JVN (JVNVU#92169998) を追加参考情報：ICS-CERT ADVISORY (ICSA-25-226-07) を追加	Aug. 18, 2025, 5:19 p.m.