cvelistv5 - CVE-2024-56580

CVE-2024-56580

Vulnerability from cvelistv5

Published

2024-12-27 14:23

Modified

2024-12-27 14:23

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: fix error path on configuration of power domains There is a chance to meet runtime issues during configuration of CAMSS power domains, because on the error path dev_pm_domain_detach() is unexpectedly called with NULL or error pointer. One of the simplest ways to reproduce the problem is to probe CAMSS driver before registration of CAMSS power domains, for instance if a platform CAMCC driver is simply not built. Warning backtrace example: Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2 <snip> pc : dev_pm_domain_detach+0x8/0x48 lr : camss_probe+0x374/0x9c0 <snip> Call trace: dev_pm_domain_detach+0x8/0x48 platform_probe+0x70/0xf0 really_probe+0xc4/0x2a8 __driver_probe_device+0x80/0x140 driver_probe_device+0x48/0x170 __device_attach_driver+0xc0/0x148 bus_for_each_drv+0x88/0xf0 __device_attach+0xb0/0x1c0 device_initial_probe+0x1c/0x30 bus_probe_device+0xb4/0xc0 deferred_probe_work_func+0x90/0xd0 process_one_work+0x164/0x3e0 worker_thread+0x310/0x420 kthread+0x120/0x130 ret_from_fork+0x10/0x20

References

▼	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4f45d65b781499d2a79eca12155532739c876aa2
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c98586d8d01c9e860e7acc3807c2afeb1dc14e8a

Impacted products

Vendor

Product

Version

▼

Linux

Version: 23aa4f0cd3273b269560a9236c48b43a3982ac13
Version: 23aa4f0cd3273b269560a9236c48b43a3982ac13

Linux

Version: 6.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/platform/qcom/camss/camss.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c98586d8d01c9e860e7acc3807c2afeb1dc14e8a",
              "status": "affected",
              "version": "23aa4f0cd3273b269560a9236c48b43a3982ac13",
              "versionType": "git"
            },
            {
              "lessThan": "4f45d65b781499d2a79eca12155532739c876aa2",
              "status": "affected",
              "version": "23aa4f0cd3273b269560a9236c48b43a3982ac13",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/platform/qcom/camss/camss.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.8"
            },
            {
              "lessThan": "6.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13-rc1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: qcom: camss: fix error path on configuration of power domains\n\nThere is a chance to meet runtime issues during configuration of CAMSS\npower domains, because on the error path dev_pm_domain_detach() is\nunexpectedly called with NULL or error pointer.\n\nOne of the simplest ways to reproduce the problem is to probe CAMSS\ndriver before registration of CAMSS power domains, for instance if\na platform CAMCC driver is simply not built.\n\nWarning backtrace example:\n\n    Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2\n\n    \u003csnip\u003e\n\n    pc : dev_pm_domain_detach+0x8/0x48\n    lr : camss_probe+0x374/0x9c0\n\n    \u003csnip\u003e\n\n    Call trace:\n     dev_pm_domain_detach+0x8/0x48\n     platform_probe+0x70/0xf0\n     really_probe+0xc4/0x2a8\n     __driver_probe_device+0x80/0x140\n     driver_probe_device+0x48/0x170\n     __device_attach_driver+0xc0/0x148\n     bus_for_each_drv+0x88/0xf0\n     __device_attach+0xb0/0x1c0\n     device_initial_probe+0x1c/0x30\n     bus_probe_device+0xb4/0xc0\n     deferred_probe_work_func+0x90/0xd0\n     process_one_work+0x164/0x3e0\n     worker_thread+0x310/0x420\n     kthread+0x120/0x130\n     ret_from_fork+0x10/0x20"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-27T14:23:22.380Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c98586d8d01c9e860e7acc3807c2afeb1dc14e8a"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f45d65b781499d2a79eca12155532739c876aa2"
        }
      ],
      "title": "media: qcom: camss: fix error path on configuration of power domains",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-56580",
    "datePublished": "2024-12-27T14:23:22.380Z",
    "dateReserved": "2024-12-27T14:03:06.000Z",
    "dateUpdated": "2024-12-27T14:23:22.380Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-56580\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-27T15:15:17.093\",\"lastModified\":\"2024-12-27T15:15:17.093\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmedia: qcom: camss: fix error path on configuration of power domains\\n\\nThere is a chance to meet runtime issues during configuration of CAMSS\\npower domains, because on the error path dev_pm_domain_detach() is\\nunexpectedly called with NULL or error pointer.\\n\\nOne of the simplest ways to reproduce the problem is to probe CAMSS\\ndriver before registration of CAMSS power domains, for instance if\\na platform CAMCC driver is simply not built.\\n\\nWarning backtrace example:\\n\\n    Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2\\n\\n    \u003csnip\u003e\\n\\n    pc : dev_pm_domain_detach+0x8/0x48\\n    lr : camss_probe+0x374/0x9c0\\n\\n    \u003csnip\u003e\\n\\n    Call trace:\\n     dev_pm_domain_detach+0x8/0x48\\n     platform_probe+0x70/0xf0\\n     really_probe+0xc4/0x2a8\\n     __driver_probe_device+0x80/0x140\\n     driver_probe_device+0x48/0x170\\n     __device_attach_driver+0xc0/0x148\\n     bus_for_each_drv+0x88/0xf0\\n     __device_attach+0xb0/0x1c0\\n     device_initial_probe+0x1c/0x30\\n     bus_probe_device+0xb4/0xc0\\n     deferred_probe_work_func+0x90/0xd0\\n     process_one_work+0x164/0x3e0\\n     worker_thread+0x310/0x420\\n     kthread+0x120/0x130\\n     ret_from_fork+0x10/0x20\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4f45d65b781499d2a79eca12155532739c876aa2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c98586d8d01c9e860e7acc3807c2afeb1dc14e8a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}

ghsa-j53q-3928-9255

Vulnerability from github

Published

2024-12-27 15:31

Modified

2024-12-27 15:31

Details

In the Linux kernel, the following vulnerability has been resolved:

media: qcom: camss: fix error path on configuration of power domains

There is a chance to meet runtime issues during configuration of CAMSS power domains, because on the error path dev_pm_domain_detach() is unexpectedly called with NULL or error pointer.

One of the simplest ways to reproduce the problem is to probe CAMSS driver before registration of CAMSS power domains, for instance if a platform CAMCC driver is simply not built.

Warning backtrace example:

Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2

<snip>

pc : dev_pm_domain_detach+0x8/0x48
lr : camss_probe+0x374/0x9c0

<snip>

Call trace:
 dev_pm_domain_detach+0x8/0x48
 platform_probe+0x70/0xf0
 really_probe+0xc4/0x2a8
 __driver_probe_device+0x80/0x140
 driver_probe_device+0x48/0x170
 __device_attach_driver+0xc0/0x148
 bus_for_each_drv+0x88/0xf0
 __device_attach+0xb0/0x1c0
 device_initial_probe+0x1c/0x30
 bus_probe_device+0xb4/0xc0
 deferred_probe_work_func+0x90/0xd0
 process_one_work+0x164/0x3e0
 worker_thread+0x310/0x420
 kthread+0x120/0x130
 ret_from_fork+0x10/0x20

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-56580"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-27T15:15:17Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: qcom: camss: fix error path on configuration of power domains\n\nThere is a chance to meet runtime issues during configuration of CAMSS\npower domains, because on the error path dev_pm_domain_detach() is\nunexpectedly called with NULL or error pointer.\n\nOne of the simplest ways to reproduce the problem is to probe CAMSS\ndriver before registration of CAMSS power domains, for instance if\na platform CAMCC driver is simply not built.\n\nWarning backtrace example:\n\n    Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2\n\n    \u003csnip\u003e\n\n    pc : dev_pm_domain_detach+0x8/0x48\n    lr : camss_probe+0x374/0x9c0\n\n    \u003csnip\u003e\n\n    Call trace:\n     dev_pm_domain_detach+0x8/0x48\n     platform_probe+0x70/0xf0\n     really_probe+0xc4/0x2a8\n     __driver_probe_device+0x80/0x140\n     driver_probe_device+0x48/0x170\n     __device_attach_driver+0xc0/0x148\n     bus_for_each_drv+0x88/0xf0\n     __device_attach+0xb0/0x1c0\n     device_initial_probe+0x1c/0x30\n     bus_probe_device+0xb4/0xc0\n     deferred_probe_work_func+0x90/0xd0\n     process_one_work+0x164/0x3e0\n     worker_thread+0x310/0x420\n     kthread+0x120/0x130\n     ret_from_fork+0x10/0x20",
  "id": "GHSA-j53q-3928-9255",
  "modified": "2024-12-27T15:31:54Z",
  "published": "2024-12-27T15:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56580"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4f45d65b781499d2a79eca12155532739c876aa2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c98586d8d01c9e860e7acc3807c2afeb1dc14e8a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted