fkie_cve-2024-56580
Vulnerability from fkie_nvd
Published
2024-12-27 15:15
Modified
2025-01-08 16:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: fix error path on configuration of power domains There is a chance to meet runtime issues during configuration of CAMSS power domains, because on the error path dev_pm_domain_detach() is unexpectedly called with NULL or error pointer. One of the simplest ways to reproduce the problem is to probe CAMSS driver before registration of CAMSS power domains, for instance if a platform CAMCC driver is simply not built. Warning backtrace example: Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2 <snip> pc : dev_pm_domain_detach+0x8/0x48 lr : camss_probe+0x374/0x9c0 <snip> Call trace: dev_pm_domain_detach+0x8/0x48 platform_probe+0x70/0xf0 really_probe+0xc4/0x2a8 __driver_probe_device+0x80/0x140 driver_probe_device+0x48/0x170 __device_attach_driver+0xc0/0x148 bus_for_each_drv+0x88/0xf0 __device_attach+0xb0/0x1c0 device_initial_probe+0x1c/0x30 bus_probe_device+0xb4/0xc0 deferred_probe_work_func+0x90/0xd0 process_one_work+0x164/0x3e0 worker_thread+0x310/0x420 kthread+0x120/0x130 ret_from_fork+0x10/0x20
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/4f45d65b781499d2a79eca12155532739c876aa2Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c98586d8d01c9e860e7acc3807c2afeb1dc14e8aPatch
Impacted products
Vendor Product Version
linux linux_kernel *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21856C26-95A5-464A-B4C0-CFBF485C6080",
              "versionEndExcluding": "6.12.4",
              "versionStartIncluding": "6.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: qcom: camss: fix error path on configuration of power domains\n\nThere is a chance to meet runtime issues during configuration of CAMSS\npower domains, because on the error path dev_pm_domain_detach() is\nunexpectedly called with NULL or error pointer.\n\nOne of the simplest ways to reproduce the problem is to probe CAMSS\ndriver before registration of CAMSS power domains, for instance if\na platform CAMCC driver is simply not built.\n\nWarning backtrace example:\n\n    Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2\n\n    \u003csnip\u003e\n\n    pc : dev_pm_domain_detach+0x8/0x48\n    lr : camss_probe+0x374/0x9c0\n\n    \u003csnip\u003e\n\n    Call trace:\n     dev_pm_domain_detach+0x8/0x48\n     platform_probe+0x70/0xf0\n     really_probe+0xc4/0x2a8\n     __driver_probe_device+0x80/0x140\n     driver_probe_device+0x48/0x170\n     __device_attach_driver+0xc0/0x148\n     bus_for_each_drv+0x88/0xf0\n     __device_attach+0xb0/0x1c0\n     device_initial_probe+0x1c/0x30\n     bus_probe_device+0xb4/0xc0\n     deferred_probe_work_func+0x90/0xd0\n     process_one_work+0x164/0x3e0\n     worker_thread+0x310/0x420\n     kthread+0x120/0x130\n     ret_from_fork+0x10/0x20"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: qcom: camss: fix error path on configuration of power domains Existe la posibilidad de encontrar problemas de tiempo de ejecuci\u00f3n durante la configuraci\u00f3n de dominios de energ\u00eda CAMSS, porque en la ruta de error dev_pm_domain_detach() se llama inesperadamente con NULL o puntero de error. Una de las formas m\u00e1s simples de reproducir el problema es probar el controlador CAMSS antes del registro de dominios de energ\u00eda CAMSS, por ejemplo, si un controlador CAMCC de plataforma simplemente no est\u00e1 construido. Ejemplo de seguimiento de advertencia: No se puede gestionar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 00000000000001a2  pc : dev_pm_domain_detach+0x8/0x48 lr : camss_probe+0x374/0x9c0  Seguimiento de llamadas: dev_pm_domain_detach+0x8/0x48 platform_probe+0x70/0xf0 really_probe+0xc4/0x2a8 __driver_probe_device+0x80/0x140 driver_probe_device+0x48/0x170 __device_attach_driver+0xc0/0x148 bus_for_each_drv+0x88/0xf0 __device_attach+0xb0/0x1c0 dispositivo_sonda_inicial+0x1c/0x30 dispositivo_sonda_bus+0xb4/0xc0 funci\u00f3n_trabajo_sonda_diferida+0x90/0xd0 trabajo_uno_proceso+0x164/0x3e0 subproceso_trabajador+0x310/0x420 subproceso_k+0x120/0x130 ret_de_bifurcaci\u00f3n+0x10/0x20"
    }
  ],
  "id": "CVE-2024-56580",
  "lastModified": "2025-01-08T16:43:44.460",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-12-27T15:15:17.093",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/4f45d65b781499d2a79eca12155532739c876aa2"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c98586d8d01c9e860e7acc3807c2afeb1dc14e8a"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.