Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2024-56787

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/01/2025
Last modified:
03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> soc: imx8m: Probe the SoC driver as platform driver<br /> <br /> With driver_async_probe=* on kernel command line, the following trace is<br /> produced because on i.MX8M Plus hardware because the soc-imx8m.c driver<br /> calls of_clk_get_by_name() which returns -EPROBE_DEFER because the clock<br /> driver is not yet probed. This was not detected during regular testing<br /> without driver_async_probe.<br /> <br /> Convert the SoC code to platform driver and instantiate a platform device<br /> in its current device_initcall() to probe the platform driver. Rework<br /> .soc_revision callback to always return valid error code and return SoC<br /> revision via parameter. This way, if anything in the .soc_revision callback<br /> return -EPROBE_DEFER, it gets propagated to .probe and the .probe will get<br /> retried later.<br /> <br /> "<br /> ------------[ cut here ]------------<br /> WARNING: CPU: 1 PID: 1 at drivers/soc/imx/soc-imx8m.c:115 imx8mm_soc_revision+0xdc/0x180<br /> CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.11.0-next-20240924-00002-g2062bb554dea #603<br /> Hardware name: DH electronics i.MX8M Plus DHCOM Premium Developer Kit (3) (DT)<br /> pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)<br /> pc : imx8mm_soc_revision+0xdc/0x180<br /> lr : imx8mm_soc_revision+0xd0/0x180<br /> sp : ffff8000821fbcc0<br /> x29: ffff8000821fbce0 x28: 0000000000000000 x27: ffff800081810120<br /> x26: ffff8000818a9970 x25: 0000000000000006 x24: 0000000000824311<br /> x23: ffff8000817f42c8 x22: ffff0000df8be210 x21: fffffffffffffdfb<br /> x20: ffff800082780000 x19: 0000000000000001 x18: ffffffffffffffff<br /> x17: ffff800081fff418 x16: ffff8000823e1000 x15: ffff0000c03b65e8<br /> x14: ffff0000c00051b0 x13: ffff800082790000 x12: 0000000000000801<br /> x11: ffff80008278ffff x10: ffff80008209d3a6 x9 : ffff80008062e95c<br /> x8 : ffff8000821fb9a0 x7 : 0000000000000000 x6 : 00000000000080e3<br /> x5 : ffff0000df8c03d8 x4 : 0000000000000000 x3 : 0000000000000000<br /> x2 : 0000000000000000 x1 : fffffffffffffdfb x0 : fffffffffffffdfb<br /> Call trace:<br /> imx8mm_soc_revision+0xdc/0x180<br /> imx8_soc_init+0xb0/0x1e0<br /> do_one_initcall+0x94/0x1a8<br /> kernel_init_freeable+0x240/0x2a8<br /> kernel_init+0x28/0x140<br /> ret_from_fork+0x10/0x20<br /> ---[ end trace 0000000000000000 ]---<br /> SoC: i.MX8MP revision 1.1<br /> "

Impact

Vector 3.x
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.50 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x
5.50
Severity 3.x
MEDIUM

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.15.174 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 (including) 6.1.120 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (including) 6.6.66 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.12.5 (excluding)

To consult the complete list of CPE names with products and versions, see this page


References to Advisories, Solutions, and Tools