| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Check the DVFS OPP count returned by the firmware\n\nFix a kernel crash with the below call trace when the SCPI firmware\nreturns OPP count of zero.\n\ndvfs_info.opp_count may be zero on some platforms during the reboot\ntest, and the kernel will crash after dereferencing the pointer to\nkcalloc(info->count, sizeof(*opp), GFP_KERNEL).\n\n | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028\n | Mem abort info:\n | ESR = 0x96000004\n | Exception class = DABT (current EL), IL = 32 bits\n | SET = 0, FnV = 0\n | EA = 0, S1PTW = 0\n | Data abort info:\n | ISV = 0, ISS = 0x00000004\n | CM = 0, WnR = 0\n | user pgtable: 4k pages, 48-bit VAs, pgdp = 00000000faefa08c\n | [0000000000000028] pgd=0000000000000000\n | Internal error: Oops: 96000004 [#1] SMP\n | scpi-hwmon: probe of PHYT000D:00 failed with error -110\n | Process systemd-udevd (pid: 1701, stack limit = 0x00000000aaede86c)\n | CPU: 2 PID: 1701 Comm: systemd-udevd Not tainted 4.19.90+ #1\n | Hardware name: PHYTIUM LTD Phytium FT2000/4/Phytium FT2000/4, BIOS\n | pstate: 60000005 (nZCv daif -PAN -UAO)\n | pc : scpi_dvfs_recalc_rate+0x40/0x58 [clk_scpi]\n | lr : clk_register+0x438/0x720\n | Call trace:\n | scpi_dvfs_recalc_rate+0x40/0x58 [clk_scpi]\n | devm_clk_hw_register+0x50/0xa0\n | scpi_clk_ops_init.isra.2+0xa0/0x138 [clk_scpi]\n | scpi_clocks_probe+0x528/0x70c [clk_scpi]\n | platform_drv_probe+0x58/0xa8\n | really_probe+0x260/0x3d0\n | driver_probe_device+0x12c/0x148\n | device_driver_attach+0x74/0x98\n | __driver_attach+0xb4/0xe8\n | bus_for_each_dev+0x88/0xe0\n | driver_attach+0x30/0x40\n | bus_add_driver+0x178/0x2b0\n | driver_register+0x64/0x118\n | __platform_driver_register+0x54/0x60\n | scpi_clocks_driver_init+0x24/0x1000 [clk_scpi]\n | do_one_initcall+0x54/0x220\n | do_init_module+0x54/0x1c8\n | load_module+0x14a4/0x1668\n | __se_sys_finit_module+0xf8/0x110\n | __arm64_sys_finit_module+0x24/0x30\n | el0_svc_common+0x78/0x170\n | el0_svc_handler+0x38/0x78\n | el0_svc+0x8/0x340\n | Code: 937d7c00 a94153f3 a8c27bfd f9400421 (b8606820)\n | ---[ end trace 06feb22469d89fa8 ]---\n | Kernel panic - not syncing: Fatal exception\n | SMP: stopping secondary CPUs\n | Kernel Offset: disabled\n | CPU features: 0x10,a0002008\n | Memory Limit: none" |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/firmware/arm_scpi.c" |
| ], |
| "versions": [ |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "12e2c520a0a4202575e4a45ea41f06a8e9aa3417", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "8be4e51f3ecfb0915e3510b600c4cce0dc68a383", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "380c0e1d96f3b522f3170c18ee5e0f1a28fec5d6", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "2a5b8de6fcb944f9af0c5fcb30bb0c039705e051", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "06258e57fee253f4046d3a6a86d7fde09f596eac", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "025067eeb945aa17c7dd483a63960125b7efb577", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "dfc9c2aa7f04f7db7e7225a5e118a24bf1c3b325", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "9beaff47bcea5eec7d4ead98f5043057161fd71a", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8cb7cf56c9fe5412de238465b27ef35b4d2801aa", |
| "lessThan": "109aa654f85c5141e813b2cd1bd36d90be678407", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/firmware/arm_scpi.c" |
| ], |
| "versions": [ |
| { |
| "version": "4.4", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "4.4", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.19.325", |
| "lessThanOrEqual": "4.19.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.287", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.231", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.174", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.120", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.64", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.11.11", |
| "lessThanOrEqual": "6.11.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.12.2", |
| "lessThanOrEqual": "6.12.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.13", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "4.19.325" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "5.4.287" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "5.10.231" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "5.15.174" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "6.1.120" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "6.6.64" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "6.11.11" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "6.12.2" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4", |
| "versionEndExcluding": "6.13" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/12e2c520a0a4202575e4a45ea41f06a8e9aa3417" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/8be4e51f3ecfb0915e3510b600c4cce0dc68a383" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/380c0e1d96f3b522f3170c18ee5e0f1a28fec5d6" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/2a5b8de6fcb944f9af0c5fcb30bb0c039705e051" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/06258e57fee253f4046d3a6a86d7fde09f596eac" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/025067eeb945aa17c7dd483a63960125b7efb577" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/dfc9c2aa7f04f7db7e7225a5e118a24bf1c3b325" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/9beaff47bcea5eec7d4ead98f5043057161fd71a" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/109aa654f85c5141e813b2cd1bd36d90be678407" |
| } |
| ], |
| "title": "firmware: arm_scpi: Check the DVFS OPP count returned by the firmware", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-53157", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
