In the Linux kernel, the following vulnerability has been resolved:
scsi: ufs: core: Cancel RTC work during ufshcd_remove()
Currently, RTC work is only cancelled during __ufshcd_wl_suspend(). When ufshcd is removed in ufshcd_remove(), RTC work is not cancelled. Due to this, any further trigger of the RTC work after ufshcd_remove() would result in a NULL pointer dereference as below:
Unable to handle kernel NULL pointer dereference at virtual address 00000000000002a4
Workqueue: events ufshcd_rtc_work
Call trace:
 _raw_spin_lock_irqsave+0x34/0x8c
 pm_runtime_get_if_active+0x24/0xb4
 ufshcd_rtc_work+0x124/0x19c
 process_scheduled_works+0x18c/0x2d8
 worker_thread+0x144/0x280
 kthread+0x11c/0x128
 ret_from_fork+0x10/0x20
Since RTC work accesses the ufshcd internal structures, it should be cancelled when ufshcd is removed. So do that in ufshcd_remove(), as per the order in ufshcd_init().
[
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 410.0,
"function_hash": "147419069763732242281524969390226042837"
},
"target": {
"file": "drivers/ufs/core/ufshcd.c",
"function": "ufshcd_remove"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2e7a3bb0331efb292e0fb022c36bc592137f0520",
"signature_version": "v1",
"id": "CVE-2024-56621-6552fae2"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"136675256493898680891564792244248611050",
"101545442449987167810858058000906466977",
"135600236043433062509817503022229964277",
"56060173530773681830399230668752744780"
],
"threshold": 0.9
},
"target": {
"file": "drivers/ufs/core/ufshcd.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2e7a3bb0331efb292e0fb022c36bc592137f0520",
"signature_version": "v1",
"id": "CVE-2024-56621-cec2ef18"
}
]