| From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001 |
| From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| To: <linux-cve-announce@vger.kernel.org> |
| Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> |
| Subject: CVE-2024-26879: clk: meson: Add missing clocks to axg_clk_regmaps |
| |
| Description |
| =========== |
| |
| In the Linux kernel, the following vulnerability has been resolved: |
| |
| clk: meson: Add missing clocks to axg_clk_regmaps |
| |
| Some clocks were missing from axg_clk_regmaps, which caused kernel panic |
| during cat /sys/kernel/debug/clk/clk_summary |
| |
| [ 57.349402] Unable to handle kernel NULL pointer dereference at virtual address 00000000000001fc |
| ... |
| [ 57.430002] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) |
| [ 57.436900] pc : regmap_read+0x1c/0x88 |
| [ 57.440608] lr : clk_regmap_gate_is_enabled+0x3c/0xb0 |
| [ 57.445611] sp : ffff800082f1b690 |
| [ 57.448888] x29: ffff800082f1b690 x28: 0000000000000000 x27: ffff800080eb9a70 |
| [ 57.455961] x26: 0000000000000007 x25: 0000000000000016 x24: 0000000000000000 |
| [ 57.463033] x23: ffff800080e8b488 x22: 0000000000000015 x21: ffff00000e7e7000 |
| [ 57.470106] x20: ffff00000400ec00 x19: 0000000000000000 x18: ffffffffffffffff |
| [ 57.477178] x17: 0000000000000000 x16: 0000000000000000 x15: ffff0000042a3000 |
| [ 57.484251] x14: 0000000000000000 x13: ffff0000042a2fec x12: 0000000005f5e100 |
| [ 57.491323] x11: abcc77118461cefd x10: 0000000000000020 x9 : ffff8000805e4b24 |
| [ 57.498396] x8 : ffff0000028063c0 x7 : ffff800082f1b710 x6 : ffff800082f1b710 |
| [ 57.505468] x5 : 00000000ffffffd0 x4 : ffff800082f1b6e0 x3 : 0000000000001000 |
| [ 57.512541] x2 : ffff800082f1b6e4 x1 : 000000000000012c x0 : 0000000000000000 |
| [ 57.519615] Call trace: |
| [ 57.522030] regmap_read+0x1c/0x88 |
| [ 57.525393] clk_regmap_gate_is_enabled+0x3c/0xb0 |
| [ 57.530050] clk_core_is_enabled+0x44/0x120 |
| [ 57.534190] clk_summary_show_subtree+0x154/0x2f0 |
| [ 57.538847] clk_summary_show_subtree+0x220/0x2f0 |
| [ 57.543505] clk_summary_show_subtree+0x220/0x2f0 |
| [ 57.548162] clk_summary_show_subtree+0x220/0x2f0 |
| [ 57.552820] clk_summary_show_subtree+0x220/0x2f0 |
| [ 57.557477] clk_summary_show_subtree+0x220/0x2f0 |
| [ 57.562135] clk_summary_show_subtree+0x220/0x2f0 |
| [ 57.566792] clk_summary_show_subtree+0x220/0x2f0 |
| [ 57.571450] clk_summary_show+0x84/0xb8 |
| [ 57.575245] seq_read_iter+0x1bc/0x4b8 |
| [ 57.578954] seq_read+0x8c/0xd0 |
| [ 57.582059] full_proxy_read+0x68/0xc8 |
| [ 57.585767] vfs_read+0xb0/0x268 |
| [ 57.588959] ksys_read+0x70/0x108 |
| [ 57.592236] __arm64_sys_read+0x24/0x38 |
| [ 57.596031] invoke_syscall+0x50/0x128 |
| [ 57.599740] el0_svc_common.constprop.0+0x48/0xf8 |
| [ 57.604397] do_el0_svc+0x28/0x40 |
| [ 57.607675] el0_svc+0x34/0xb8 |
| [ 57.610694] el0t_64_sync_handler+0x13c/0x158 |
| [ 57.615006] el0t_64_sync+0x190/0x198 |
| [ 57.618635] Code: a9bd7bfd 910003fd a90153f3 aa0003f3 (b941fc00) |
| [ 57.624668] ---[ end trace 0000000000000000 ]--- |
| |
| [jbrunet: add missing Fixes tag] |
| |
| The Linux kernel CVE team has assigned CVE-2024-26879 to this issue. |
| |
| |
| Affected and fixed versions |
| =========================== |
| |
| Issue introduced in 5.11 with commit 14ebb3154b8f3d562cb18331b08ff1a22609ae59 and fixed in 5.15.153 with commit a03ed00787b0ce7a83eebabd0fa95ecc4a5cac84 |
| Issue introduced in 5.11 with commit 14ebb3154b8f3d562cb18331b08ff1a22609ae59 and fixed in 6.1.83 with commit 7ae1b0dc12ec407f12f80b49d22c6ad2308e2202 |
| Issue introduced in 5.11 with commit 14ebb3154b8f3d562cb18331b08ff1a22609ae59 and fixed in 6.6.23 with commit 0cbefc7b5bdad86b18a263d837450cdc9a56f8d7 |
| Issue introduced in 5.11 with commit 14ebb3154b8f3d562cb18331b08ff1a22609ae59 and fixed in 6.7.11 with commit a860aaebacbc908fa06e2642402058f40bfffe10 |
| Issue introduced in 5.11 with commit 14ebb3154b8f3d562cb18331b08ff1a22609ae59 and fixed in 6.8.2 with commit 9f3e5df38b4528213449e55b80f0316864f2a1c8 |
| Issue introduced in 5.11 with commit 14ebb3154b8f3d562cb18331b08ff1a22609ae59 and fixed in 6.9 with commit ba535bce57e71463a86f8b33a0ea88c26e3a6418 |
| |
| Please see https://www.kernel.org for a full list of currently supported |
| kernel versions by the kernel community. |
| |
| Unaffected versions might change over time as fixes are backported to |
| older supported kernel versions. The official CVE entry at |
| https://cve.org/CVERecord/?id=CVE-2024-26879 |
| will be updated if fixes are backported, please check that for the most |
| up to date information about this issue. |
| |
| |
| Affected files |
| ============== |
| |
| The file(s) affected by this issue are: |
| drivers/clk/meson/axg.c |
| |
| |
| Mitigation |
| ========== |
| |
| The Linux kernel CVE team recommends that you update to the latest |
| stable kernel version for this, and many other bugfixes. Individual |
| changes are never tested alone, but rather are part of a larger kernel |
| release. Cherry-picking individual commits is not recommended or |
| supported by the Linux kernel community at all. If however, updating to |
| the latest release is impossible, the individual changes to resolve this |
| issue can be found at these commits: |
| https://git.kernel.org/stable/c/a03ed00787b0ce7a83eebabd0fa95ecc4a5cac84 |
| https://git.kernel.org/stable/c/7ae1b0dc12ec407f12f80b49d22c6ad2308e2202 |
| https://git.kernel.org/stable/c/0cbefc7b5bdad86b18a263d837450cdc9a56f8d7 |
| https://git.kernel.org/stable/c/a860aaebacbc908fa06e2642402058f40bfffe10 |
| https://git.kernel.org/stable/c/9f3e5df38b4528213449e55b80f0316864f2a1c8 |
| https://git.kernel.org/stable/c/ba535bce57e71463a86f8b33a0ea88c26e3a6418 |
