CVE-2024-50176

Summary

In the Linux kernel, the following vulnerability has been resolved:

remoteproc: k3-r5: Fix error handling when power-up failed

By simply bailing out, the driver was violating its rule and internal assumptions that either both or no rproc should be initialized. E.g., this could cause the first core to be available but not the second one, leading to crashes on its shutdown later on while trying to dereference that second instance.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2a1ec20b174c0f613224c59e694639ac07308b53 < 87ab3af7447791d0c619610fd560bd804549e187affected
LinuxLinux2494bc856e7ce50b1c4fd8afb4d17f2693f36565 < fc71c23958931713b5e76f317b76be37189f2516affected
LinuxLinux61f6f68447aba08aeaa97593af3a7d85a114891f < afd102bde99d90ef41e043c846ea34b04433eb7baffected
LinuxLinux61f6f68447aba08aeaa97593af3a7d85a114891f < 7afb5e3aa989c479979faeb18768a67889a7a9c6affected
LinuxLinux61f6f68447aba08aeaa97593af3a7d85a114891f < 9ab27eb5866ccbf57715cfdba4b03d57776092fbaffected
LinuxLinux8ae2a10f5c7010ac82ab015cf864199093d61a7daffected
LinuxLinux6.1.95 < 6.1.113affected
LinuxLinux6.6.35 < 6.6.55affected
LinuxLinux6.9.6 < 6.10affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.55 <= 6.6.*unaffected
LinuxLinux6.10.14 <= 6.10.*unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References