{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-50058","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-10-21T19:36:19.938Z","datePublished":"2024-10-21T19:39:48.420Z","dateUpdated":"2026-01-05T10:54:51.255Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-01-05T10:54:51.255Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nserial: protect uart_port_dtr_rts() in uart_shutdown() too\n\nCommit af224ca2df29 (serial: core: Prevent unsafe uart port access, part\n3) added few uport == NULL checks. It added one to uart_shutdown(), so\nthe commit assumes, uport can be NULL in there. But right after that\nprotection, there is an unprotected \"uart_port_dtr_rts(uport, false);\"\ncall. That is invoked only if HUPCL is set, so I assume that is the\nreason why we do not see lots of these reports.\n\nOr it cannot be NULL at this point at all for some reason :P.\n\nUntil the above is investigated, stay on the safe side and move this\ndereference to the if too.\n\nI got this inconsistency from Coverity under CID 1585130. Thanks."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/tty/serial/serial_core.c"],"versions":[{"version":"af224ca2df297440448b9d407d21b50982c6d532","lessThan":"2fe399bb8efd0d325ab1138cf8e3ecf23a39e96d","status":"affected","versionType":"git"},{"version":"af224ca2df297440448b9d407d21b50982c6d532","lessThan":"399927f0f875b93f3d5a0336d382ba48b8671eb2","status":"affected","versionType":"git"},{"version":"af224ca2df297440448b9d407d21b50982c6d532","lessThan":"d7b5876a6e74cdf8468a478be6b23f2f5464ac7a","status":"affected","versionType":"git"},{"version":"af224ca2df297440448b9d407d21b50982c6d532","lessThan":"e418d91195d29d5f9c9685ff309b92b04b41dc40","status":"affected","versionType":"git"},{"version":"af224ca2df297440448b9d407d21b50982c6d532","lessThan":"76ed24a34223bb2c6b6162e1d8389ec4e602a290","status":"affected","versionType":"git"},{"version":"af224ca2df297440448b9d407d21b50982c6d532","lessThan":"602babaa84d627923713acaf5f7e9a4369e77473","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/tty/serial/serial_core.c"],"versions":[{"version":"4.7","status":"affected"},{"version":"0","lessThan":"4.7","status":"unaffected","versionType":"semver"},{"version":"5.10.229","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.170","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.115","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.57","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.11.4","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.10.229"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.15.170"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.1.115"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.6.57"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.11.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2fe399bb8efd0d325ab1138cf8e3ecf23a39e96d"},{"url":"https://git.kernel.org/stable/c/399927f0f875b93f3d5a0336d382ba48b8671eb2"},{"url":"https://git.kernel.org/stable/c/d7b5876a6e74cdf8468a478be6b23f2f5464ac7a"},{"url":"https://git.kernel.org/stable/c/e418d91195d29d5f9c9685ff309b92b04b41dc40"},{"url":"https://git.kernel.org/stable/c/76ed24a34223bb2c6b6162e1d8389ec4e602a290"},{"url":"https://git.kernel.org/stable/c/602babaa84d627923713acaf5f7e9a4369e77473"}],"title":"serial: protect uart_port_dtr_rts() in uart_shutdown() too","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-50058","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-10-22T13:23:14.442818Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-22T13:28:42.567Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:24:57.190Z"}}]}}