{"uuid": "6c8c7c9e-57d2-42c5-a848-144a3be8cf8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56545", "type": "seen", "source": "https://t.me/cvedetector/13742", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56545 - Linux Kernel HID Hyper-V Driver Unregistered Driver Memory Leak\", \n  \"Content\": \"CVE ID : CVE-2024-56545 \nPublished : Dec. 27, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nHID: hyperv: streamline driver probe to avoid devres issues  \n  \nIt was found that unloading 'hid_hyperv' module results in a devres  \ncomplaint:  \n  \n ...  \n hv_vmbus: unregistering driver hid_hyperv  \n ------------[ cut here ]------------  \n WARNING: CPU: 2 PID: 3983 at drivers/base/devres.c:691 devres_release_group+0x1f2/0x2c0  \n ...  \n Call Trace:  \n    \n  ? devres_release_group+0x1f2/0x2c0  \n  ? __warn+0xd1/0x1c0  \n  ? devres_release_group+0x1f2/0x2c0  \n  ? report_bug+0x32a/0x3c0  \n  ? handle_bug+0x53/0xa0  \n  ? exc_invalid_op+0x18/0x50  \n  ? asm_exc_invalid_op+0x1a/0x20  \n  ? devres_release_group+0x1f2/0x2c0  \n  ? devres_release_group+0x90/0x2c0  \n  ? rcu_is_watching+0x15/0xb0  \n  ? __pfx_devres_release_group+0x10/0x10  \n  hid_device_remove+0xf5/0x220  \n  device_release_driver_internal+0x371/0x540  \n  ? klist_put+0xf3/0x170  \n  bus_remove_device+0x1f1/0x3f0  \n  device_del+0x33f/0x8c0  \n  ? __pfx_device_del+0x10/0x10  \n  ? cleanup_srcu_struct+0x337/0x500  \n  hid_destroy_device+0xc8/0x130  \n  mousevsc_remove+0xd2/0x1d0 [hid_hyperv]  \n  device_release_driver_internal+0x371/0x540  \n  driver_detach+0xc5/0x180  \n  bus_remove_driver+0x11e/0x2a0  \n  ? __mutex_unlock_slowpath+0x160/0x5e0  \n  vmbus_driver_unregister+0x62/0x2b0 [hv_vmbus]  \n  ...  \n  \nAnd the issue seems to be that the corresponding devres group is not  \nallocated. Normally, devres_open_group() is called from  \n__hid_device_probe() but Hyper-V HID driver overrides 'hid_dev->driver'  \nwith 'mousevsc_hid_driver' stub and basically re-implements  \n__hid_device_probe() by calling hid_parse() and hid_hw_start() but not  \ndevres_open_group(). hid_device_probe() does not call __hid_device_probe()  \nfor it. Later, when the driver is removed, hid_device_remove() calls  \ndevres_release_group() as it doesn't check whether hdev->driver was  \ninitially overridden or not.  \n  \nThe issue seems to be related to the commit 62c68e7cee33 (\"HID: ensure  \ntimely release of driver-allocated resources\") but the commit itself seems  \nto be correct.  \n  \nFix the issue by dropping the 'hid_dev->driver' override and using  \nhid_register_driver()/hid_unregister_driver() instead. Alternatively, it  \nwould have been possible to rely on the default handling but  \nHID_CONNECT_DEFAULT implies HID_CONNECT_HIDRAW and it doesn't seem to work  \nfor mousevsc as-is. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T15:59:44.000000Z"}