[SRU][J][PATCH 0/1] CVE-2024-50073
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Sat Jun 21 13:15:19 UTC 2025
https://ubuntu.com/security/CVE-2024-50073
[ Impact ]
tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
gsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux
can be freed by multi threads through ioctl,which leads
to the occurrence of uaf. Protect it by gsm tx lock.
[ Fix ]
Plucky: not affected
Noble: fixed via upstream stable updates (LP: #2097393)
Jammy: fix backported from mainline
[ Test Plan ]
Compile tested only.
[ Where Problems Could Occur ]
The fix affects the GSM 07.10 multiplexer line discipline in the TTY subsystem.
An issue with this fix may introduce problems such as improper acquisition
or release of the tx_lock spinlock, potentially resulting in deadlocks during
multiplexer teardown or data transmission.
As a consequence, regular users may experience hangs or stalls in applications
communicating over GSM virtual TTYs.
More information about the kernel-team
mailing list