{"vulnerability": "CVE-2024-56670", "sightings": [{"uuid": "be35e9f1-89b8-4710-b415-d7d8dd7ca476", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56670", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2u3s7w22", "content": "", "creation_timestamp": "2024-12-27T15:20:56.530181Z"}, {"uuid": "2e02519f-e9d1-4e77-a355-52a5cfc2dd28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56670", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "c1731330-f94d-4250-81cd-b0761e2142c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56670", "type": "seen", "source": "https://t.me/cvedetector/13773", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56670 - \"Linux USB: Gadget: U-Serial Null Pointer Dereference\"\", \n  \"Content\": \"CVE ID : CVE-2024-56670 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nusb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer  \n  \nConsidering that in some extreme cases,  \nwhen u_serial driver is accessed by multiple threads,  \nThread A is executing the open operation and calling the gs_open,  \nThread B is executing the disconnect operation and calling the  \ngserial_disconnect function,The port->port_usb pointer will be set to NULL.  \n  \nE.g.  \n    Thread A                                 Thread B  \n    gs_open()                                gadget_unbind_driver()  \n    gs_start_io()                            composite_disconnect()  \n    gs_start_rx()                            gserial_disconnect()  \n    ...                                      ...  \n    spin_unlock(&port->port_lock)  \n    status = usb_ep_queue()                  spin_lock(&port->port_lock)  \n    spin_lock(&port->port_lock)              port->port_usb = NULL  \n    gs_free_requests(port->port_usb->in)     spin_unlock(&port->port_lock)  \n    Crash  \n  \nThis causes thread A to access a null pointer (port->port_usb is null)  \nwhen calling the gs_free_requests function, causing a crash.  \n  \nIf port_usb is NULL, the release request will be skipped as it  \nwill be done by gserial_disconnect.  \n  \nSo add a null pointer check to gs_start_io before attempting  \nto access the value of the pointer port->port_usb.  \n  \nCall trace:  \n gs_start_io+0x164/0x25c  \n gs_open+0x108/0x13c  \n tty_open+0x314/0x638  \n chrdev_open+0x1b8/0x258  \n do_dentry_open+0x2c4/0x700  \n vfs_open+0x2c/0x3c  \n path_openat+0xa64/0xc60  \n do_filp_open+0xb8/0x164  \n do_sys_openat2+0x84/0xf0  \n __arm64_sys_openat+0x70/0x9c  \n invoke_syscall+0x58/0x114  \n el0_svc_common+0x80/0xe0  \n do_el0_svc+0x1c/0x28  \n el0_svc+0x38/0x68 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:51:05.000000Z"}]}