CVE-2024-56580
Description
In the Linux kernel, the following vulnerability has been resolved:
media: qcom: camss: fix error path on configuration of power domains
There is a chance to meet runtime issues during configuration of CAMSS power domains, because on the error path dev_pm_domain_detach() is unexpectedly called with NULL or error pointer.
One of the simplest ways to reproduce the problem is to probe CAMSS driver before registration of CAMSS power domains, for instance if a platform CAMCC driver is simply not built.
Warning backtrace example:
Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2
pc : dev_pm_domain_detach+0x8/0x48 lr : camss_probe+0x374/0x9c0
Call trace: dev_pm_domain_detach+0x8/0x48 platform_probe+0x70/0xf0 really_probe+0xc4/0x2a8 __driver_probe_device+0x80/0x140 driver_probe_device+0x48/0x170 __device_attach_driver+0xc0/0x148 bus_for_each_drv+0x88/0xf0 __device_attach+0xb0/0x1c0 device_initial_probe+0x1c/0x30 bus_probe_device+0xb4/0xc0 deferred_probe_work_func+0x90/0xd0 process_one_work+0x164/0x3e0 worker_thread+0x310/0x420 kthread+0x120/0x130 ret_from_fork+0x10/0x20
Affected products
5- osv-coords3 versionspkg:deb/ubuntu/linux-lowlatency@6.11.0-1011.12?arch=source&distro=oracularpkg:deb/ubuntu/linux-raspi@6.11.0-1010.10?arch=source&distro=oracularpkg:linux/kernel
< 6.11.0-1011.12+ 2 more
- (no CPE)range: < 6.11.0-1011.12
- (no CPE)range: < 6.11.0-1010.10
- (no CPE)range: >= 6.8.0, < 6.12.4
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.