{"id":"CVE-2024-50267","summary":"USB: serial: io_edgeport: fix use after free in debug printk","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: io_edgeport: fix use after free in debug printk\n\nThe \"dev_dbg(&urb-\u003edev-\u003edev, ...\" which happens after usb_free_urb(urb)\nis a use after free of the \"urb\" pointer.  Store the \"dev\" pointer at the\nstart of the function to avoid this issue.","modified":"2026-05-18T05:56:10.314834235Z","published":"2024-11-19T01:30:03.929Z","related":["SUSE-SU-2024:4313-1","SUSE-SU-2024:4314-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4316-1","SUSE-SU-2024:4317-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4345-1","SUSE-SU-2024:4346-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4367-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2024:4388-1","SUSE-SU-2025:0035-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1","USN-7276-1","USN-7277-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50267.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/13d6ff3ca76056d06a9d88300be2a293442ff595"},{"type":"WEB","url":"https://git.kernel.org/stable/c/275258c30bbda29467216e96fb655b16bcc9992b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/314bdf446053e123f37543aa535197ee75f8aa97"},{"type":"WEB","url":"https://git.kernel.org/stable/c/37bb5628379295c1254c113a407cab03a0f4d0b4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/39709ce93f5c3f9eb535efe2afea088805d1128f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/44fff2c16c5aafbdb70c7183dae0a415ae74705e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e6ceb04eeb6115d872d4c4078d12f1170ed755ce"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50267.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50267"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"984f68683298ba53af32f909de1f9452fbb37ccb"},{"fixed":"e6ceb04eeb6115d872d4c4078d12f1170ed755ce"},{"fixed":"39709ce93f5c3f9eb535efe2afea088805d1128f"},{"fixed":"e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa"},{"fixed":"44fff2c16c5aafbdb70c7183dae0a415ae74705e"},{"fixed":"275258c30bbda29467216e96fb655b16bcc9992b"},{"fixed":"13d6ff3ca76056d06a9d88300be2a293442ff595"},{"fixed":"314bdf446053e123f37543aa535197ee75f8aa97"},{"fixed":"37bb5628379295c1254c113a407cab03a0f4d0b4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50267.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.7.0"},{"fixed":"4.19.324"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.286"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.230"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.172"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.117"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.61"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.11.8"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50267.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}