CVE-2024-42100
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
clk: sunxi-ng: common: Don't call hw_to_ccu_common on hw without common
In order to set the rate range of a hw sunxi_ccu_probe calls hw_to_ccu_common() assuming all entries in desc->ccu_clks are contained in a ccu_common struct. This assumption is incorrect and, in consequence, causes invalid pointer de-references.
Remove the faulty call. Instead, add one more loop that iterates over the ccu_clks and sets the rate range, if required.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 547263745e15a038ec3954b5c283805529377626 < 14c78d69dbca6a28af14095f639ec4318ec07fdc | affected |
| Linux | Linux | b914ec33b391ec766545a41f0cfc0de3e0b388d7 < 7a0e2738cb6da5a55c9908dff333600aeb263e07 | affected |
| Linux | Linux | b914ec33b391ec766545a41f0cfc0de3e0b388d7 < ea977d742507e534d9fe4f4d74256f6b7f589338 | affected |
| Linux | Linux | 761cbd9c0e4ed082b548bf6a0de25eebad24309d | affected |
| Linux | Linux | 6.6.31 < 6.6.39 | affected |
| Linux | Linux | 6.8.10 < 6.9 | affected |
| Linux | Linux | 6.9 | affected |
| Linux | Linux | 0 < 6.9 | unaffected |
| Linux | Linux | 6.6.39 <= 6.6.* | unaffected |
| Linux | Linux | 6.9.9 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/14c78d69dbca6a28af14095f639ec4318ec07fdc
- https://git.kernel.org/stable/c/7a0e2738cb6da5a55c9908dff333600aeb263e07
- https://git.kernel.org/stable/c/ea977d742507e534d9fe4f4d74256f6b7f589338
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/14c78d69dbca6a28af14095f639ec4318ec07fdc
- https://git.kernel.org/stable/c/7a0e2738cb6da5a55c9908dff333600aeb263e07
- https://git.kernel.org/stable/c/ea977d742507e534d9fe4f4d74256f6b7f589338
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.