CVE-2024-27038
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
01/05/2024
Last modified:
23/12/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
clk: Fix clk_core_get NULL dereference<br />
<br />
It is possible for clk_core_get to dereference a NULL in the following<br />
sequence:<br />
<br />
clk_core_get()<br />
of_clk_get_hw_from_clkspec()<br />
__of_clk_get_hw_from_provider()<br />
__clk_get_hw()<br />
<br />
__clk_get_hw() can return NULL which is dereferenced by clk_core_get() at<br />
hw->core.<br />
<br />
Prior to commit dde4eff47c82 ("clk: Look for parents with clkdev based<br />
clk_lookups") the check IS_ERR_OR_NULL() was performed which would have<br />
caught the NULL.<br />
<br />
Reading the description of this function it talks about returning NULL but<br />
that cannot be so at the moment.<br />
<br />
Update the function to check for hw before dereferencing it and return NULL<br />
if hw is NULL.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.2 (including) | 5.4.273 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.214 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.153 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.83 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.23 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.11 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.8 (including) | 6.8.2 (excluding) |
| cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0efb9ef6fb95384ba631d6819e66f10392aabfa2
- https://git.kernel.org/stable/c/239174535dba11f7b83de0eaaa27909024f8c185
- https://git.kernel.org/stable/c/6f073b24a9e2becd25ac4505a9780a87e621bb51
- https://git.kernel.org/stable/c/a5d9b1aa61b401867b9066d54086b3e4ee91f8ed
- https://git.kernel.org/stable/c/a8b2b26fdd011ebe36d68a9a321ca45801685959
- https://git.kernel.org/stable/c/c554badcae9c45b737a22d23454170c6020b90e6
- https://git.kernel.org/stable/c/d7ae7d1265686b55832a445b1db8cdd69738ac07
- https://git.kernel.org/stable/c/e97fe4901e0f59a0bfd524578fe3768f8ca42428
- https://git.kernel.org/stable/c/0efb9ef6fb95384ba631d6819e66f10392aabfa2
- https://git.kernel.org/stable/c/239174535dba11f7b83de0eaaa27909024f8c185
- https://git.kernel.org/stable/c/6f073b24a9e2becd25ac4505a9780a87e621bb51
- https://git.kernel.org/stable/c/a5d9b1aa61b401867b9066d54086b3e4ee91f8ed
- https://git.kernel.org/stable/c/a8b2b26fdd011ebe36d68a9a321ca45801685959
- https://git.kernel.org/stable/c/c554badcae9c45b737a22d23454170c6020b90e6
- https://git.kernel.org/stable/c/d7ae7d1265686b55832a445b1db8cdd69738ac07
- https://git.kernel.org/stable/c/e97fe4901e0f59a0bfd524578fe3768f8ca42428
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html