CVE-2024-53069

Some SCM calls can be invoked with __scm being NULL (the driver may not have been and will not be probed as there's no SCM entry in device-tree). Make sure we don't dereference a NULL pointer.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

449d0d84bcd8246b508d07995326d13c54488b8c

Fixed

3d36e2b1d803f0d1cc674115d295a8f20ddb9268

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

449d0d84bcd8246b508d07995326d13c54488b8c

Fixed

ca61d6836e6f4442a77762e1074d2706a2a6e578

Affected versions

v6.*

v6.10

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.11.1

v6.11.2

v6.11.3

v6.11.4

v6.11.5

v6.11.6

v6.11.7

v6.12-rc1

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "length": 56.0,
            "function_hash": "108467614624109431264983209928384611087"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ca61d6836e6f4442a77762e1074d2706a2a6e578",
        "target": {
            "file": "drivers/firmware/qcom/qcom_scm.c",
            "function": "qcom_scm_get_tzmem_pool"
        },
        "id": "CVE-2024-53069-a128f902"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "64659674982184712744035122158343508795",
                "131120910550079597815824623386522354904",
                "126950639729440369460143365044385301618",
                "174892332506629305589716802631543995383"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ca61d6836e6f4442a77762e1074d2706a2a6e578",
        "target": {
            "file": "drivers/firmware/qcom/qcom_scm.c"
        },
        "id": "CVE-2024-53069-b61b2d19"
    }
]

CVE-2024-53069

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Affected versions

v6.*

Database specific

vanir_signatures

Linux / Kernel

Package

Affected ranges