CVE-2024-57799

Summary

In the Linux kernel, the following vulnerability has been resolved:

phy: rockchip: samsung-hdptx: Set drvdata before enabling runtime PM

In some cases, rk_hdptx_phy_runtime_resume() may be invoked before platform_set_drvdata() is executed in ->probe(), leading to a NULL pointer dereference when using the return of dev_get_drvdata().

Ensure platform_set_drvdata() is called before devm_pm_runtime_enable().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux553be2830c5f33308483e8118de748a2c69fe593 < 7061849a4a1752a06944a819dd1f7bfd58df7383affected
LinuxLinux553be2830c5f33308483e8118de748a2c69fe593 < 9d23e48654620fdccfcc74cc2cef04eaf7353d07affected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.12.8 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References