Null Pointer Dereference in Linux Kernel USB Serial Quatech2 Driver
CVE-2025-21689

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 10 February 2025

Summary

A vulnerability in the USB Serial Quatech2 Driver of the Linux kernel arises from an incorrect bounds check in the qt2_process_read_urb() function. This flaw can lead to a null pointer dereference if the 'newport' variable exceeds the valid range of available ports. Specifically, when 'newport' matches the upper bound of the 'serial->num_ports', an out-of-bounds assignment causes the 'port' variable to dereference a NULL pointer. A patch has been implemented to rectify this issue by adjusting the conditional check to ensure 'newport' does not exceed the valid index range.

Affected Version(s)

Linux f7a33e608d9ae022b7f49307921627e34e9484ed

Linux f7a33e608d9ae022b7f49307921627e34e9484ed < 94770cf7c5124f0268d481886829dc2beecc4507

Linux f7a33e608d9ae022b7f49307921627e34e9484ed < 6068dcff7f19e9fa6fa23ee03453ad6a40fa4efe

References

https://git.kernel.org/stable/c/fa4c7472469d97c4707698b4c...

https://git.kernel.org/stable/c/94770cf7c5124f0268d481886...

https://git.kernel.org/stable/c/6068dcff7f19e9fa6fa23ee03...

Timeline

Vulnerability published
Feb 10, 2025
Vulnerability Reserved
Dec 29, 2024