
CVE-2024-42244: Vulnerability in the Linux kernel

Severity: Medium
Published: Wed Aug 07 2024 (08/07/2024, 15:14:30 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

USB: serial: mos7840: fix crash on resume

Since commit c49cfa917025 ("USB: serial: use generic method if no alternative is provided in usb serial layer"), USB serial core calls the generic resume implementation when the driver has not provided one.

This can trigger a crash on resume with mos7840 since support for multiple read URBs was added back in 2011. Specifically, both port read URBs are now submitted on resume for open ports, but the context pointer of the second URB is left set to the core rather than mos7840 port structure.

Fix this by implementing dedicated suspend and resume functions for mos7840.

Tested with Delock 87414 USB 2.0 to 4x serial adapter.

[ johan: analyse crash and rewrite commit message; set busy flag on resume; drop bulk-in check; drop unnecessary usb_kill_urb() ]

AI-Powered Analysis

AI analysis last updated: 06/29/2025, 06:11:37 UTC

Technical Analysis

CVE-2024-42244 is a vulnerability in the Linux kernel's USB serial subsystem, specifically in the mos7840 driver, which supports USB-to-serial adapters such as the Delock 87414 USB 2.0 to 4x serial adapter. The issue arises from commit c49cfa917025, after which the USB serial core calls a generic resume implementation whenever a driver does not provide its own. For mos7840 this leads to a crash on system resume: since support for multiple read URBs (USB Request Blocks) was added to the driver in 2011, the generic resume path submits both read URBs of each open port, but the context pointer of the second URB is left pointing at the USB serial core rather than at the mos7840 port structure. This mismatch crashes the kernel when it handles the resume of open ports. The root cause is that the mos7840 driver lacked dedicated suspend and resume functions to manage its URBs across power state transitions; the fix implements them, so that URBs are submitted on resume with the correct context pointers. The vulnerability is confined to the USB serial subsystem in kernel versions containing the affected commit and affects only systems with devices bound to the mos7840 driver. No exploits are known in the wild. The impact is a denial of service: a kernel crash during resume from suspend, causing system instability or a reboot. Because the crash occurs in a kernel-level driver, it can affect embedded systems, industrial control systems, and other environments that rely on USB serial adapters for communication or device management.

Potential Impact

For European organizations, the impact of CVE-2024-42244 is primarily on system availability and stability. Organizations running Linux systems with USB serial adapters based on the mos7840 chipset (common in industrial, manufacturing, and legacy communication equipment) may experience system crashes or unexpected reboots when resuming from suspend or hibernation. This can disrupt critical operations, especially in sectors that depend on continuous data acquisition, device control, or serial communication, such as manufacturing plants, transportation systems, healthcare devices, and telecommunications infrastructure. The denial of service caused by the kernel crash can lead to operational downtime, data loss if systems are not shut down cleanly, and increased maintenance overhead. The vulnerability does not directly expose confidentiality or integrity risks, but the availability impact can be significant where uptime is critical, and repeated crashes complicate incident response and system management. European organizations with Linux deployments in industrial IoT, embedded systems, or specialized hardware environments are most at risk. The lack of known exploits reduces the immediate threat but does not eliminate it, since attackers could develop exploits targeting this vulnerability to cause disruption.

Mitigation Recommendations

To mitigate CVE-2024-42244, European organizations should:

1) Apply the latest Linux kernel updates that include the patch implementing dedicated suspend and resume functions for the mos7840 driver. This is the definitive fix and should be prioritized.

2) Identify systems using USB serial adapters based on the mos7840 chipset, such as the Delock 87414 or similar devices, and assess their exposure to suspend/resume cycles.

3) Where patching is not immediately possible, consider disabling suspend or hibernation features on affected systems to avoid triggering the resume crash.

4) Implement monitoring for kernel crashes and system reboots related to USB serial device activity to detect potential exploitation or instability early.

5) For critical industrial or embedded systems, test kernel updates in controlled environments to ensure compatibility and stability before deployment.

6) Engage with hardware vendors to confirm compatibility and receive updated drivers or firmware if available.

7) Maintain robust backup and recovery procedures to minimize operational impact in case of system crashes.

These steps go beyond generic advice by focusing on the specific driver and hardware involved, emphasizing patching, system identification, and operational controls tailored to the vulnerability's nature.
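As an added example (not from the advisory or from the kernel tree), the following POSIX shell helpers cover steps 2 and 4 above: they check whether the mos7840 driver is loaded, count the serial ports bound to it, and scan kernel-log text for a crash that names the driver or the usb-serial resume path. All sample input is constructed; the sysfs path is the one a live system exposes for a loaded usb-serial driver.

```shell
#!/bin/sh
# Added triage helpers for CVE-2024-42244 (example code, not part of the advisory).
# Each helper reads text or a directory you pass in, so it can run against data
# captured from an affected host as well as live on the host itself.

# Step 2: is the mos7840 module loaded? Reads `lsmod` output from stdin.
mos7840_loaded() {
    grep -qE '^mos7840[[:space:]]'
}

# Step 2: how many ttyUSB ports are bound to the driver? On a live system the
# default directory is where a loaded usb-serial driver lists its ports.
mos7840_ports() {
    dir=${1:-/sys/bus/usb-serial/drivers/mos7840}
    [ -d "$dir" ] || { echo 0; return; }
    ls "$dir" 2>/dev/null | grep -c '^ttyUSB'
}

# Step 4: does kernel-log text (dmesg / journalctl -k) contain an oops in which
# mos7840 or the usb-serial resume path appears after the crash marker?
# Prints the number of such lines (0 means no crash attributable to the driver).
mos7840_crash_count() {
    awk '/BUG:|Oops:|general protection/ { oops = 1 }
         oops && /mos7840|usb_serial_generic_resume|usb_serial_resume/ { n++ }
         END { print n + 0 }'
}

# Constructed sample data (not captured from a real host); offsets are placeholders.
SAMPLE_LSMOD='Module                  Size  Used by
mos7840                28672  1
usbserial              65536  3 mos7840'

SAMPLE_DMESG='[  512.001] PM: suspend exit
[  512.105] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  512.106] Call Trace:
[  512.107]  mos7840_bulk_in_callback+0x1a/0x200 [mos7840]
[  512.108]  __usb_hcd_giveback_urb+0x90/0x120'

# Demo run over the constructed samples.
if printf '%s\n' "$SAMPLE_LSMOD" | mos7840_loaded; then
    echo "mos7840 loaded: yes"
else
    echo "mos7840 loaded: no"
fi
echo "ports bound to mos7840: $(mos7840_ports)"
echo "crash lines naming mos7840: $(printf '%s\n' "$SAMPLE_DMESG" | mos7840_crash_count)"
```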


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-07-30T07:40:12.254Z
Cisa Enriched: true
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9828c4522896dcbe1cd4

Added to database: 5/21/2025, 9:08:56 AM

Last enriched: 6/29/2025, 6:11:37 AM

Last updated: 8/7/2025, 6:50:43 PM
