CVE-2024-56754
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/12/2024
Last modified:
06/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
crypto: caam - Fix the pointer passed to caam_qi_shutdown()<br />
<br />
The type of the last parameter given to devm_add_action_or_reset() is<br />
"struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to<br />
"struct device *".<br />
<br />
Pass the correct parameter to devm_add_action_or_reset() so that the<br />
resources are released as expected.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.231 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.174 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.120 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.64 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.11.11 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.12 (including) | 6.12.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/1f8e2f597b918ca5827a5c6d00b819d064264d1c
- https://git.kernel.org/stable/c/6187727e57aec122c8a99c464c74578c810cbe40
- https://git.kernel.org/stable/c/66eddb8dcb61065c53098510165f14b54232bcc2
- https://git.kernel.org/stable/c/84a185aea7b83f620699de0ea36907d588d89cf6
- https://git.kernel.org/stable/c/ad39df0898d3f469776c19d99229be055cc2dcea
- https://git.kernel.org/stable/c/ad980b04f51f7fb503530bd1cb328ba5e75a250e
- https://git.kernel.org/stable/c/cc386170b3312fd7b5bc4a69a9f52d7f50814526