ghsa-gqmm-fccw-xjf3
Vulnerability from github
Published
2025-03-06 18:31
Modified
2025-03-25 15:31
Details

In the Linux kernel, the following vulnerability has been resolved:

clk: mmp2: call pm_genpd_init() only after genpd.name is set

Setting the genpd's struct device's name with dev_set_name() is happening within pm_genpd_init(). If it remains NULL, things can blow up later, such as when crafting the devfs hierarchy for the power domain:

Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read ... Call trace: strlen from start_creating+0x90/0x138 start_creating from debugfs_create_dir+0x20/0x178 debugfs_create_dir from genpd_debug_add.part.0+0x4c/0x144 genpd_debug_add.part.0 from genpd_debug_init+0x74/0x90 genpd_debug_init from do_one_initcall+0x5c/0x244 do_one_initcall from kernel_init_freeable+0x19c/0x1f4 kernel_init_freeable from kernel_init+0x1c/0x12c kernel_init from ret_from_fork+0x14/0x28

Bisecting tracks this crash back to commit 899f44531fe6 ("pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag"), which exchanges use of genpd->name with dev_name(&genpd->dev) in genpd_debug_add.part().

Show details on source website


{
  "affected": [],
  "aliases": [
    "CVE-2024-58081"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-06T17:15:21Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mmp2: call pm_genpd_init() only after genpd.name is set\n\nSetting the genpd\u0027s struct device\u0027s name with dev_set_name() is\nhappening within pm_genpd_init(). If it remains NULL, things can blow up\nlater, such as when crafting the devfs hierarchy for the power domain:\n\n  Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read\n  ...\n  Call trace:\n   strlen from start_creating+0x90/0x138\n   start_creating from debugfs_create_dir+0x20/0x178\n   debugfs_create_dir from genpd_debug_add.part.0+0x4c/0x144\n   genpd_debug_add.part.0 from genpd_debug_init+0x74/0x90\n   genpd_debug_init from do_one_initcall+0x5c/0x244\n   do_one_initcall from kernel_init_freeable+0x19c/0x1f4\n   kernel_init_freeable from kernel_init+0x1c/0x12c\n   kernel_init from ret_from_fork+0x14/0x28\n\nBisecting tracks this crash back to commit 899f44531fe6 (\"pmdomain: core:\nAdd GENPD_FLAG_DEV_NAME_FW flag\"), which exchanges use of genpd-\u003ename\nwith dev_name(\u0026genpd-\u003edev) in genpd_debug_add.part().",
  "id": "GHSA-gqmm-fccw-xjf3",
  "modified": "2025-03-25T15:31:22Z",
  "published": "2025-03-06T18:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58081"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/763517124e27b07fa300b486d7d13c5d563a215e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e24b15d4704dcb73920c3d18a6157abd18df08c1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/eca01d5911fb34218d10a58d8d9534b758c8fd0a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…