| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024122923-CVE-2024-56724-a800@gregkh> Date: Sun, 29 Dec 2024 12:29:25 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-56724: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device Description =========== In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the same for all of them. The Linux kernel CVE team has assigned CVE-2024-56724 to this issue. Affected and fixed versions =========================== Issue introduced in 4.10 with commit 957ae5098185e763b5c06be6c3b4b6e98c048712 and fixed in 5.4.287 with commit b7c7c400de85d915e0da7c2c363553a801c47349 Issue introduced in 4.10 with commit 957ae5098185e763b5c06be6c3b4b6e98c048712 and fixed in 5.10.231 with commit c472b55cc0bc3df805db6a14f50a084884cf18ee Issue introduced in 4.10 with commit 957ae5098185e763b5c06be6c3b4b6e98c048712 and fixed in 5.15.174 with commit da498e02c92e6d82df8001438dd583b90c570815 Issue introduced in 4.10 with commit 957ae5098185e763b5c06be6c3b4b6e98c048712 and fixed in 6.1.120 with commit 56acf415772ee7e10e448b371f52b249aa2d0f7b Issue introduced in 4.10 with commit 957ae5098185e763b5c06be6c3b4b6e98c048712 and fixed in 6.6.64 with commit 1b734ad0e33648c3988c6a37c2ac16c2d63eda06 Issue introduced in 4.10 with commit 957ae5098185e763b5c06be6c3b4b6e98c048712 and fixed in 6.11.11 with commit 2310f5336f32eac9ada2d59b965d578efe25c4bf Issue introduced in 4.10 with commit 957ae5098185e763b5c06be6c3b4b6e98c048712 and fixed in 6.12.2 with commit 5bc6d0da4a32fe34a9960de577e0b7de3454de0c Issue introduced in 4.10 with commit 957ae5098185e763b5c06be6c3b4b6e98c048712 and fixed in 6.13-rc1 with commit 9b79d59e6b2b515eb9a22bc469ef7b8f0904fc73 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-56724 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/mfd/intel_soc_pmic_bxtwc.c drivers/platform/x86/intel/bxtwc_tmu.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/b7c7c400de85d915e0da7c2c363553a801c47349 https://git.kernel.org/stable/c/c472b55cc0bc3df805db6a14f50a084884cf18ee https://git.kernel.org/stable/c/da498e02c92e6d82df8001438dd583b90c570815 https://git.kernel.org/stable/c/56acf415772ee7e10e448b371f52b249aa2d0f7b https://git.kernel.org/stable/c/1b734ad0e33648c3988c6a37c2ac16c2d63eda06 https://git.kernel.org/stable/c/2310f5336f32eac9ada2d59b965d578efe25c4bf https://git.kernel.org/stable/c/5bc6d0da4a32fe34a9960de577e0b7de3454de0c https://git.kernel.org/stable/c/9b79d59e6b2b515eb9a22bc469ef7b8f0904fc73
Powered by blists - more mailing lists