CVE-2024-46706: Vulnerability in the Linux kernel
In the Linux kernel, the following vulnerability has been resolved:

tty: serial: fsl_lpuart: mark last busy before uart_add_one_port

With "earlycon initcall_debug=1 loglevel=8" in bootargs, the kernel sometimes hangs at boot. It is because the normal console is still not ready, but runtime suspend is called, so early console putchar will hang waiting for TRDE to be set in UARTSTAT.

The lpuart driver has auto suspend delay set to 3000ms, but during uart_add_one_port, a child device serial ctrl will be added and probed with its pm runtime enabled (see serial_ctrl.c). The runtime suspend call path is:

    device_add
      |-> bus_probe_device
        |-> device_initial_probe
          |-> __device_attach
            |-> pm_runtime_get_sync(dev->parent);
            |-> pm_request_idle(dev);
            |-> pm_runtime_put(dev->parent);

So in the end, before the normal console is ready, the lpuart gets runtime suspended, and earlycon putchar will hang.

To address the issue, mark last busy just after pm_runtime_enable; three seconds is long enough to switch from bootconsole to normal console.
AI Analysis
Technical Summary
CVE-2024-46706 is a vulnerability in the Linux kernel's serial driver for the Freescale Low Power UART (fsl_lpuart). The issue arises during early boot, when the kernel uses the early console (earlycon) for debug output. It is caused by a race between the console hand-over and the UART driver's runtime power management: the early console writes characters before the normal console is fully initialized, but runtime suspend is triggered prematurely on the UART device. The driver sets an auto-suspend delay of 3000 ms, and during uart_add_one_port a child device (serial_ctrl) is added and probed with runtime power management enabled; the child's probe takes and then releases a runtime PM reference on the parent UART, so the UART goes idle and is suspended before the normal console is ready, and the early console's putchar hangs waiting for the TRDE bit in UARTSTAT to be set. The root cause is that the driver does not mark the device as recently busy early enough to hold off runtime suspend during this phase of boot. The fix marks the device as last busy immediately after enabling runtime power management, so that it stays active long enough for the transition from the early console to the normal console. This vulnerability affects Linux kernel versions containing the fsl_lpuart driver with the described power management behavior. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
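The following is an added example, not kernel code or part of the original advisory: a userspace model of the runtime-PM autosuspend decision described above. It assumes the kernel's rule that a device may autosuspend once the current time has passed last_busy plus the autosuspend delay, with last_busy starting at zero until pm_runtime_mark_last_busy() is called; the struct, helper names and the timestamps are hypothetical and constructed.

```c
/* Added example (not kernel code): a userspace model of the runtime-PM
 * autosuspend decision. Names mirror the kernel's, but the struct and
 * helpers are a simplified hypothetical. */
#include <stdbool.h>
#include <stdint.h>

#define NSEC_PER_MSEC 1000000ULL
#define LPUART_AUTOSUSPEND_MS 3000ULL   /* the 3000 ms delay the advisory cites */

struct rpm_dev {
    int      usage_count;   /* pm_runtime_get/put balance */
    uint64_t last_busy_ns;  /* stays 0 until pm_runtime_mark_last_busy() */
    bool     suspended;
};

/* Assumed kernel rule: device may autosuspend once now >= last_busy + delay. */
static uint64_t autosuspend_expiration(const struct rpm_dev *d, uint64_t now_ns)
{
    uint64_t expires = d->last_busy_ns + LPUART_AUTOSUSPEND_MS * NSEC_PER_MSEC;
    return expires > now_ns ? expires : 0;   /* 0 means "expired, suspend now" */
}

/* Idle check run when the usage count drops to zero (rpm_idle). */
static void rpm_idle(struct rpm_dev *d, uint64_t now_ns)
{
    if (d->usage_count == 0 && autosuspend_expiration(d, now_ns) == 0)
        d->suspended = true;
}

static void rpm_get_sync(struct rpm_dev *d) { d->usage_count++; d->suspended = false; }
static void rpm_put(struct rpm_dev *d, uint64_t now) { d->usage_count--; rpm_idle(d, now); }
static void rpm_mark_last_busy(struct rpm_dev *d, uint64_t now) { d->last_busy_ns = now; }

/* lpuart probe followed by the serial_ctrl child probe in __device_attach():
 * get_sync(parent), idle(child), put(parent). Returns true when the parent
 * UART ends up runtime-suspended, the state in which earlycon putchar hangs
 * waiting for TRDE in UARTSTAT. Times are ns since boot (constructed). */
bool uart_suspended_after_child_probe(bool apply_fix, uint64_t probe_ns, uint64_t put_ns)
{
    struct rpm_dev uart = { .usage_count = 0, .last_busy_ns = 0, .suspended = false };
    if (apply_fix)
        rpm_mark_last_busy(&uart, probe_ns);   /* the fix: right after pm_runtime_enable */
    rpm_get_sync(&uart);                       /* child probe pins the parent */
    rpm_put(&uart, put_ns);                    /* child probe done, parent goes idle */
    return uart.suspended;
}
```

With a slow boot (initcall_debug pushes the probe past the 3 s mark), the unfixed path suspends the UART as soon as the child probe releases it, while the fixed path keeps it active for three seconds after probe.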
Potential Impact
For European organizations, the impact of CVE-2024-46706 is primarily related to system availability and reliability during boot on devices using affected Linux kernel versions with the fsl_lpuart serial driver. This vulnerability can cause systems to hang during boot if early console debugging is enabled, potentially leading to denial of service conditions on embedded or industrial Linux systems that rely on this UART driver for serial console access. Such systems are common in telecommunications, manufacturing, and critical infrastructure sectors across Europe. While this issue does not directly compromise confidentiality or integrity, the inability to boot reliably can disrupt operations, delay incident response, and complicate system recovery. The impact is more pronounced in environments where early console debugging is enabled for troubleshooting or monitoring, such as in development, embedded devices, or specialized industrial equipment. Since no known exploits exist, the threat is currently low but could increase if attackers develop methods to trigger boot hangs remotely or through physical access.
Mitigation Recommendations
To mitigate CVE-2024-46706, European organizations should:
1) Apply the latest Linux kernel patches that address this issue by marking the device as last busy immediately after enabling runtime power management in the fsl_lpuart driver.
2) Avoid enabling early console debugging (earlycon) with initcall_debug=1 and high loglevel settings in production environments unless necessary for troubleshooting.
3) For embedded or industrial systems using affected hardware, coordinate with hardware vendors and Linux distribution maintainers to ensure updated kernel versions are deployed promptly.
4) Implement robust boot monitoring and fallback mechanisms to recover from potential boot hangs, such as watchdog timers or remote management consoles.
5) Conduct thorough testing of kernel updates in staging environments to verify that the fix does not introduce regressions in power management or console functionality.
6) Maintain an inventory of systems using affected kernel versions and the fsl_lpuart driver to prioritize patching and monitoring efforts.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-09-11T15:12:18.252Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9826c4522896dcbe1023
Added to database: 5/21/2025, 9:08:54 AM
Last enriched: 6/29/2025, 12:39:41 AM
Last updated: 7/26/2025, 1:33:07 PM