CVE-2024-56580
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-56580
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56580.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-56580
- Downstream
- Related
- Published
- 2024-12-27T15:15:17Z
- Modified
- 2025-01-08T16:43:44Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
media: qcom: camss: fix error path on configuration of power domains
There is a chance to meet runtime issues during configuration of CAMSS power domains, because on the error path devpmdomain_detach() is unexpectedly called with NULL or error pointer.
One of the simplest ways to reproduce the problem is to probe CAMSS driver before registration of CAMSS power domains, for instance if a platform CAMCC driver is simply not built.
Warning backtrace example:
Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2 <snip> pc : dev_pm_domain_detach+0x8/0x48 lr : camss_probe+0x374/0x9c0 <snip> Call trace: dev_pm_domain_detach+0x8/0x48 platform_probe+0x70/0xf0 really_probe+0xc4/0x2a8 __driver_probe_device+0x80/0x140 driver_probe_device+0x48/0x170 __device_attach_driver+0xc0/0x148 bus_for_each_drv+0x88/0xf0 __device_attach+0xb0/0x1c0 device_initial_probe+0x1c/0x30 bus_probe_device+0xb4/0xc0 deferred_probe_work_func+0x90/0xd0 process_one_work+0x164/0x3e0 worker_thread+0x310/0x420 kthread+0x120/0x130 ret_from_fork+0x10/0x20 - References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source