CVE-2024-56576
- Severity CVSS v4.0: Pending analysis
- Type: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- Publication date: 27/12/2024
- Last modified: 03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

media: i2c: tc358743: Fix crash in the probe error path when using polling

If an error occurs in the probe() function, we should remove the polling
timer that was alarmed earlier, otherwise the timer is called with
arguments that are already freed, which results in a crash.

```
------------[ cut here ]------------
WARNING: CPU: 3 PID: 0 at kernel/time/timer.c:1830 __run_timers+0x244/0x268
Modules linked in:
CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.11.0 #226
Hardware name: Diasom DS-RK3568-SOM-EVB (DT)
pstate: 804000c9 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __run_timers+0x244/0x268
lr : __run_timers+0x1d4/0x268
sp : ffffff80eff2baf0
x29: ffffff80eff2bb50 x28: 7fffffffffffffff x27: ffffff80eff2bb00
x26: ffffffc080f669c0 x25: ffffff80efef6bf0 x24: ffffff80eff2bb00
x23: 0000000000000000 x22: dead000000000122 x21: 0000000000000000
x20: ffffff80efef6b80 x19: ffffff80041c8bf8 x18: ffffffffffffffff
x17: ffffffc06f146000 x16: ffffff80eff27dc0 x15: 000000000000003e
x14: 0000000000000000 x13: 00000000000054da x12: 0000000000000000
x11: 00000000000639c0 x10: 000000000000000c x9 : 0000000000000009
x8 : ffffff80eff2cb40 x7 : ffffff80eff2cb40 x6 : ffffff8002bee480
x5 : ffffffc080cb2220 x4 : ffffffc080cb2150 x3 : 00000000000f4240
x2 : 0000000000000102 x1 : ffffff80eff2bb00 x0 : ffffff80041c8bf0
Call trace:
 __run_timers+0x244/0x268
 timer_expire_remote+0x50/0x68
 tmigr_handle_remote+0x388/0x39c
 run_timer_softirq+0x38/0x44
 handle_softirqs+0x138/0x298
 __do_softirq+0x14/0x20
 ____do_softirq+0x10/0x1c
 call_on_irq_stack+0x24/0x4c
 do_softirq_own_stack+0x1c/0x2c
 irq_exit_rcu+0x9c/0xcc
 el1_interrupt+0x48/0xc0
 el1h_64_irq_handler+0x18/0x24
 el1h_64_irq+0x7c/0x80
 default_idle_call+0x34/0x68
 do_idle+0x23c/0x294
 cpu_startup_entry+0x38/0x3c
 secondary_start_kernel+0x128/0x160
 __secondary_switched+0xb8/0xbc
---[ end trace 0000000000000000 ]---
```
Impact
- Base Score 3.x: 4.70
- Severity 3.x: MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.13 (including) | 5.4.287 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.231 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.174 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.120 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.64 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.4 (excluding) |
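
A triage helper for the trace and the version table above, added here as an example and not part of the advisory or the kernel fix: it flags the `__run_timers` warning signature in a kernel log excerpt and checks the reported kernel version against the listed ranges. The function names are hypothetical; the warning signature is generic to timer misuse, and a version inside a range only indicates possible exposure, since distributions backport fixes and the tc358743 driver must be in use in polling mode.

```python
import re

# Affected ranges copied from the table above: (from inclusive, up to exclusive).
AFFECTED = [
    ((4, 13, 0), (5, 4, 287)),
    ((5, 5, 0), (5, 10, 231)),
    ((5, 11, 0), (5, 15, 174)),
    ((5, 16, 0), (6, 1, 120)),
    ((6, 2, 0), (6, 6, 64)),
    ((6, 7, 0), (6, 12, 4)),
]

# The source line number (1830 in the quoted trace) differs between kernel versions.
WARN_RE = re.compile(r"WARNING: .* at kernel/time/timer\.c:\d+ __run_timers\+")
# Kernel release on the "CPU: ..." line, e.g. "... Not tainted 6.11.0 #226".
CPU_RE = re.compile(r"^CPU: .*?(\d+\.\d+(?:\.\d+)?)\S* #\d+", re.MULTILINE)

# Excerpt of the trace quoted in the description above.
SAMPLE = """\
WARNING: CPU: 3 PID: 0 at kernel/time/timer.c:1830 __run_timers+0x244/0x268
Modules linked in:
CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.11.0 #226
"""

def parse_version(text):
    """Turn '6.11.0' or '6.6.64-rc1' into a (major, minor, patch) tuple."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"not a kernel version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def in_affected_range(version):
    """True if the version tuple falls inside any range from the table."""
    return any(lo <= version < hi for lo, hi in AFFECTED)

def triage(log_text):
    """Return (signature_seen, version, version_in_range) for a log excerpt."""
    seen = bool(WARN_RE.search(log_text))
    m = CPU_RE.search(log_text)
    version = parse_version(m.group(1)) if m else None
    return seen, version, bool(version and in_affected_range(version))

if __name__ == "__main__":
    print(triage(SAMPLE))
```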
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/13193a97ddd5a6a5b11408ddbc1ae85588b1860c
- https://git.kernel.org/stable/c/1def915b1564f4375330bd113ea1d768a569cfd8
- https://git.kernel.org/stable/c/34a3466a92f50c51d984f0ec2e96864886d460eb
- https://git.kernel.org/stable/c/5c9ab34c87af718bdbf9faa2b1a6ba41d15380ea
- https://git.kernel.org/stable/c/815d14147068347e88c258233eb951b41b2792a6
- https://git.kernel.org/stable/c/869f38ae07f7df829da4951c3d1f7a2be09c2e9a
- https://git.kernel.org/stable/c/b59ab89bc83f7bff67f78c6caf484a84a6dd30f7
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html



