GHSA-J53Q-3928-9255

Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-01-08 18:30
VLAI?
Details

In the Linux kernel, the following vulnerability has been resolved:

media: qcom: camss: fix error path on configuration of power domains

There is a chance to meet runtime issues during configuration of CAMSS power domains, because on the error path dev_pm_domain_detach() is unexpectedly called with NULL or error pointer.

One of the simplest ways to reproduce the problem is to probe CAMSS driver before registration of CAMSS power domains, for instance if a platform CAMCC driver is simply not built.

Warning backtrace example:

Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2

<snip>

pc : dev_pm_domain_detach+0x8/0x48
lr : camss_probe+0x374/0x9c0

<snip>

Call trace:
 dev_pm_domain_detach+0x8/0x48
 platform_probe+0x70/0xf0
 really_probe+0xc4/0x2a8
 __driver_probe_device+0x80/0x140
 driver_probe_device+0x48/0x170
 __device_attach_driver+0xc0/0x148
 bus_for_each_drv+0x88/0xf0
 __device_attach+0xb0/0x1c0
 device_initial_probe+0x1c/0x30
 bus_probe_device+0xb4/0xc0
 deferred_probe_work_func+0x90/0xd0
 process_one_work+0x164/0x3e0
 worker_thread+0x310/0x420
 kthread+0x120/0x130
 ret_from_fork+0x10/0x20
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-56580"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-27T15:15:17Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: qcom: camss: fix error path on configuration of power domains\n\nThere is a chance to meet runtime issues during configuration of CAMSS\npower domains, because on the error path dev_pm_domain_detach() is\nunexpectedly called with NULL or error pointer.\n\nOne of the simplest ways to reproduce the problem is to probe CAMSS\ndriver before registration of CAMSS power domains, for instance if\na platform CAMCC driver is simply not built.\n\nWarning backtrace example:\n\n    Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2\n\n    \u003csnip\u003e\n\n    pc : dev_pm_domain_detach+0x8/0x48\n    lr : camss_probe+0x374/0x9c0\n\n    \u003csnip\u003e\n\n    Call trace:\n     dev_pm_domain_detach+0x8/0x48\n     platform_probe+0x70/0xf0\n     really_probe+0xc4/0x2a8\n     __driver_probe_device+0x80/0x140\n     driver_probe_device+0x48/0x170\n     __device_attach_driver+0xc0/0x148\n     bus_for_each_drv+0x88/0xf0\n     __device_attach+0xb0/0x1c0\n     device_initial_probe+0x1c/0x30\n     bus_probe_device+0xb4/0xc0\n     deferred_probe_work_func+0x90/0xd0\n     process_one_work+0x164/0x3e0\n     worker_thread+0x310/0x420\n     kthread+0x120/0x130\n     ret_from_fork+0x10/0x20",
  "id": "GHSA-j53q-3928-9255",
  "modified": "2025-01-08T18:30:47Z",
  "published": "2024-12-27T15:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56580"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4f45d65b781499d2a79eca12155532739c876aa2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c98586d8d01c9e860e7acc3807c2afeb1dc14e8a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.