CVE-2024-56723

Summary

In the Linux kernel, the following vulnerability has been resolved:

mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices

While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ).

Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the same for all of them.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux57129044f5044dcd73c22d91491906104bd331fd < 6ea17c03edc7ed0aabb1431eb26e2f94849af68aaffected
LinuxLinux57129044f5044dcd73c22d91491906104bd331fd < 61d590d7076b50b6ebdea1f3b83bb041c01fc482affected
LinuxLinux57129044f5044dcd73c22d91491906104bd331fd < bb6642d4b3136359b5b620049f76515876e6127eaffected
LinuxLinux57129044f5044dcd73c22d91491906104bd331fd < 7ba45b8bc62e64da524d45532107ae93eb33c93caffected
LinuxLinux57129044f5044dcd73c22d91491906104bd331fd < d4cc78bd6a25accb7ae2ac9fc445d1e1deda4a62affected
LinuxLinux57129044f5044dcd73c22d91491906104bd331fd < 897713c9d24f6ec394585abfcf259a6e5cad22c8affected
LinuxLinux57129044f5044dcd73c22d91491906104bd331fd < b3d45c19bcffb9a9a821df759f60be39d88c19f4affected
LinuxLinux57129044f5044dcd73c22d91491906104bd331fd < 0350d783ab888cb1cb48ced36cc28b372723f1a4affected
LinuxLinux4.13affected
LinuxLinux0 < 4.13unaffected
LinuxLinux5.4.287 <= 5.4.*unaffected
LinuxLinux5.10.231 <= 5.10.*unaffected
LinuxLinux5.15.174 <= 5.15.*unaffected
LinuxLinux6.1.120 <= 6.1.*unaffected
LinuxLinux6.6.64 <= 6.6.*unaffected
LinuxLinux6.11.11 <= 6.11.*unaffected
LinuxLinux6.12.2 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References