CVE-2024-56618

{"id": "CVE-2024-56618", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-12-27T15:15:21.337", "references": [{"url": "https://git.kernel.org/stable/c/2379fb937de5333991c567eefd7d11b98977d059", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a63907c8c712414643b597debcd09d16b6827b23", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx: gpcv2: Adjust delay after power up handshake\n\nThe udelay(5) is not enough, sometimes below kernel panic\nstill be triggered:\n\n[ 4.012973] Kernel panic - not syncing: Asynchronous SError Interrupt\n[ 4.012976] CPU: 2 UID: 0 PID: 186 Comm: (udev-worker) Not tainted 6.12.0-rc2-0.0.0-devel-00004-g8b1b79e88956 #1\n[ 4.012982] Hardware name: Toradex Verdin iMX8M Plus WB on Dahlia Board (DT)\n[ 4.012985] Call trace:\n[...]\n[ 4.013029] arm64_serror_panic+0x64/0x70\n[ 4.013034] do_serror+0x3c/0x70\n[ 4.013039] el1h_64_error_handler+0x30/0x54\n[ 4.013046] el1h_64_error+0x64/0x68\n[ 4.013050] clk_imx8mp_audiomix_runtime_resume+0x38/0x48\n[ 4.013059] __genpd_runtime_resume+0x30/0x80\n[ 4.013066] genpd_runtime_resume+0x114/0x29c\n[ 4.013073] __rpm_callback+0x48/0x1e0\n[ 4.013079] rpm_callback+0x68/0x80\n[ 4.013084] rpm_resume+0x3bc/0x6a0\n[ 4.013089] __pm_runtime_resume+0x50/0x9c\n[ 4.013095] pm_runtime_get_suppliers+0x60/0x8c\n[ 4.013101] __driver_probe_device+0x4c/0x14c\n[ 4.013108] driver_probe_device+0x3c/0x120\n[ 4.013114] __driver_attach+0xc4/0x200\n[ 4.013119] bus_for_each_dev+0x7c/0xe0\n[ 4.013125] driver_attach+0x24/0x30\n[ 4.013130] bus_add_driver+0x110/0x240\n[ 4.013135] driver_register+0x68/0x124\n[ 4.013142] __platform_driver_register+0x24/0x30\n[ 4.013149] sdma_driver_init+0x20/0x1000 [imx_sdma]\n[ 4.013163] do_one_initcall+0x60/0x1e0\n[ 4.013168] do_init_module+0x5c/0x21c\n[ 4.013175] load_module+0x1a98/0x205c\n[ 4.013181] init_module_from_file+0x88/0xd4\n[ 4.013187] __arm64_sys_finit_module+0x258/0x350\n[ 4.013194] invoke_syscall.constprop.0+0x50/0xe0\n[ 4.013202] do_el0_svc+0xa8/0xe0\n[ 4.013208] el0_svc+0x3c/0x140\n[ 4.013215] el0t_64_sync_handler+0x120/0x12c\n[ 4.013222] el0t_64_sync+0x190/0x194\n[ 4.013228] SMP: stopping secondary CPUs\n\nThe correct way is to wait handshake, but it needs BUS clock of\nBLK-CTL be enabled, which is in separate driver. So delay is the\nonly option here. The udelay(10) is a data got by experiment."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pmdomain: imx: gpcv2: Ajuste del retraso despu\u00e9s del protocolo de enlace de encendido El udelay(5) no es suficiente, a veces el p\u00e1nico del kernel a\u00fan se puede activar: [ 4.012973] P\u00e1nico del kernel: no sincroniza: Interrupci\u00f3n de error asincr\u00f3nica [ 4.012976] CPU: 2 UID: 0 PID: 186 Comm: (udev-worker) No contaminado 6.12.0-rc2-0.0.0-devel-00004-g8b1b79e88956 #1 [ 4.012982] Nombre del hardware: Toradex Verdin iMX8M Plus WB en placa Dahlia (DT) [ 4.012985] Rastreo de llamadas: [...] [ 4.013029] arm64_serror_panic+0x64/0x70 [ 4.013034] do_serror+0x3c/0x70 [ 4.013039] el1h_64_error_handler+0x30/0x54 [ 4.013046] el1h_64_error+0x64/0x68 [ 4.013050] clk_imx8mp_audiomix_runtime_resume+0x38/0x48 [ 4.013059] __genpd_runtime_resume+0x30/0x80 [ 4.013066] genpd_runtime_resume+0x114/0x29c [ 4.013073] __rpm_callback+0x48/0x1e0 [ 4.013079] rpm_callback+0x68/0x80 [ 4.013084] rpm_resume+0x3bc/0x6a0 [ 4.013089] __pm_runtime_resume+0x50/0x9c [ 4.013095] pm_runtime_get_suppliers+0x60/0x8c [ 4.013101] __driver_probe_device+0x4c/0x14c [ 4.013108] driver_probe_device+0x3c/0x120 [ 4.013114] __driver_attach+0xc4/0x200 [ 4.013119] bus_for_each_dev+0x7c/0xe0 [ 4.013125] driver_attach+0x24/0x30 [ 4.013130] bus_add_driver+0x110/0x240 [ 4.013135] driver_register+0x68/0x124 [ 4.013142] __platform_driver_register+0x24/0x30 [ 4.013149] sdma_driver_init+0x20/0x1000 [imx_sdma] [ 4.013163] do_one_initcall+0x60/0x1e0 [ 4.013168] do_init_module+0x5c/0x21c [ 4.013175] load_module+0x1a98/0x205c [ 4.013181] init_module_from_file+0x88/0xd4 [ 4.013187] __arm64_sys_finit_module+0x258/0x350 [ 4.013194] anybody_syscall.constprop.0+0x50/0xe0 [ 4.013202] anyone_syscall.constprop.0+0x50/0xe0 [ 4.013202] anyone_syscall.constprop.0+0x50/0xe0 [ 4.013208] anyone_syscall.constprop.0+0x3c/0x140 [ 4.013215] anyone_sysvc+0x120/0x12c [ 4.013222] anyone_sysvc+0x3c/0x140 [ 4.013215] anyone_sysvc+0x120/0x12c [ 4.013222] anyone_sys_sync+0x190/0x194 [ 4.013228] SMP: deteniendo CPUs secundarias La forma correcta es esperar el protocolo de enlace, pero necesita que el reloj BUS de BLK-CTL est\u00e9 habilitado, lo cual est\u00e1 en un controlador separado. Entonces, el retraso es la \u00fanica opci\u00f3n aqu\u00ed. Udelay(10) es un dato obtenido mediante experimento."}], "lastModified": "2025-01-16T16:13:52.180", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC342DCB-0FE7-49A9-8291-3E1FCB51A530", "versionEndExcluding": "6.12.5", "versionStartIncluding": "6.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}