CVE-2024-56574
Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 27/12/2024
Last modified: 03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

media: ts2020: fix null-ptr-deref in ts2020_probe()

KASAN reported a null-ptr-deref issue when executing the following
command:

```
# echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device
KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)
RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020]
RSP: 0018:ffffc9000abbf598 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffffc0714809
RDX: 0000000000000002 RSI: ffff88811550be00 RDI: 0000000000000010
RBP: ffff888109868800 R08: 0000000000000001 R09: fffff52001577eb6
R10: 0000000000000000 R11: ffffc9000abbff50 R12: ffffffffc0714790
R13: 1ffff92001577eb8 R14: ffffffffc07190d0 R15: 0000000000000001
FS: 00007f95f13b98c0(0000) GS:ffff888149280000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000555d2634b000 CR3: 0000000152236000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
ts2020_probe+0xad/0xe10 [ts2020]
i2c_device_probe+0x421/0xb40
really_probe+0x266/0x850
...
```

The cause of the problem is that when using sysfs to dynamically register
an i2c device, there is no platform data, but the probe process of ts2020
needs to use platform data, resulting in a null pointer being accessed.

Solve this problem by adding checks to platform data.
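The pattern described above, as an added userspace C model; it is not the ts2020 driver's code and not part of the CVE record. The struct layout, all names and the `-EINVAL` return value are assumptions, with the layout chosen so that the unchecked read lands at offset 0x10, matching the start of the KASAN range in the report.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout with one 8-byte field at offset 0x10.
 * This is not the real struct ts2020_config. */
struct model_pdata {
    uint64_t flags;     /* offset 0x00 */
    uint64_t clock_hz;  /* offset 0x08 */
    uint64_t hook;      /* offset 0x10 */
};

/* Stand-in for an i2c client. platform_data stays NULL when the device is
 * created through sysfs new_device, since nothing supplies board data. */
struct model_client { const struct model_pdata *platform_data; };

/* Pre-fix pattern: reads through platform_data without checking it. */
static int probe_unchecked(const struct model_client *c, uint64_t *out)
{
    const struct model_pdata *pdata = c->platform_data;
    *out = pdata->hook;  /* touches address 0x10 when pdata is NULL */
    return 0;
}

/* Post-fix pattern: refuse to bind when there is no platform data. */
static int probe_checked(const struct model_client *c, uint64_t *out)
{
    const struct model_pdata *pdata = c->platform_data;
    if (!pdata)
        return -EINVAL;  /* assumed error code */
    *out = pdata->hook;
    return 0;
}

/* Address the unchecked read would touch for a NULL platform_data. */
static uintptr_t null_deref_address(void)
{
    return (uintptr_t)offsetof(struct model_pdata, hook);
}

int main(void)
{
    struct model_pdata board = { 1, 27000000, 42 };  /* constructed sample */
    struct model_client with = { &board }, without = { NULL };
    uint64_t v = 0;
    printf("NULL pdata read hits %#lx\n", (unsigned long)null_deref_address());
    printf("with=%d without=%d\n", probe_unchecked(&with, &v), probe_checked(&without, &v));
    return 0;
}
```

A fault address that is a small non-zero value, as in the KASAN line, is the signature of a field read through a NULL base pointer rather than a read of address 0 itself.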
Impact
Base Score 3.x: 5.50
Severity 3.x: MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.1 (including) | 5.4.287 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.231 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.174 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.120 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.64 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.4 (excluding) |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/4a058b34b52ed3feb1f3ff6fd26aefeeeed20cba
- https://git.kernel.org/stable/c/5a53f97cd5977911850b695add057f9965c1a2d6
- https://git.kernel.org/stable/c/901070571bc191d1d8d7a1379bc5ba9446200999
- https://git.kernel.org/stable/c/a2ed3b780f34e4a6403064208bc2c99d1ed85026
- https://git.kernel.org/stable/c/b6208d1567f929105011bcdfd738f59a6bdc1088
- https://git.kernel.org/stable/c/ced1c04e82e3ecc246b921b9733f0df0866aa50d
- https://git.kernel.org/stable/c/dc03866b5f4aa2668946f8384a1e5286ae53bbaa
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html



