| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: tc358743: Fix crash in the probe error path when using polling\n\nIf an error occurs in the probe() function, we should remove the polling\ntimer that was alarmed earlier, otherwise the timer is called with\narguments that are already freed, which results in a crash.\n\n------------[ cut here ]------------\nWARNING: CPU: 3 PID: 0 at kernel/time/timer.c:1830 __run_timers+0x244/0x268\nModules linked in:\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.11.0 #226\nHardware name: Diasom DS-RK3568-SOM-EVB (DT)\npstate: 804000c9 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __run_timers+0x244/0x268\nlr : __run_timers+0x1d4/0x268\nsp : ffffff80eff2baf0\nx29: ffffff80eff2bb50 x28: 7fffffffffffffff x27: ffffff80eff2bb00\nx26: ffffffc080f669c0 x25: ffffff80efef6bf0 x24: ffffff80eff2bb00\nx23: 0000000000000000 x22: dead000000000122 x21: 0000000000000000\nx20: ffffff80efef6b80 x19: ffffff80041c8bf8 x18: ffffffffffffffff\nx17: ffffffc06f146000 x16: ffffff80eff27dc0 x15: 000000000000003e\nx14: 0000000000000000 x13: 00000000000054da x12: 0000000000000000\nx11: 00000000000639c0 x10: 000000000000000c x9 : 0000000000000009\nx8 : ffffff80eff2cb40 x7 : ffffff80eff2cb40 x6 : ffffff8002bee480\nx5 : ffffffc080cb2220 x4 : ffffffc080cb2150 x3 : 00000000000f4240\nx2 : 0000000000000102 x1 : ffffff80eff2bb00 x0 : ffffff80041c8bf0\nCall trace:\n __run_timers+0x244/0x268\n timer_expire_remote+0x50/0x68\n tmigr_handle_remote+0x388/0x39c\n run_timer_softirq+0x38/0x44\n handle_softirqs+0x138/0x298\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x1c\n call_on_irq_stack+0x24/0x4c\n do_softirq_own_stack+0x1c/0x2c\n irq_exit_rcu+0x9c/0xcc\n el1_interrupt+0x48/0xc0\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x7c/0x80\n default_idle_call+0x34/0x68\n do_idle+0x23c/0x294\n cpu_startup_entry+0x38/0x3c\n secondary_start_kernel+0x128/0x160\n __secondary_switched+0xb8/0xbc\n---[ end trace 0000000000000000 ]---" |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/media/i2c/tc358743.c" |
| ], |
| "versions": [ |
| { |
| "version": "4e66a52a2e4c832dfa35a39204d0f7ce717d4a4a", |
| "lessThan": "13193a97ddd5a6a5b11408ddbc1ae85588b1860c", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "4e66a52a2e4c832dfa35a39204d0f7ce717d4a4a", |
| "lessThan": "5c9ab34c87af718bdbf9faa2b1a6ba41d15380ea", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "4e66a52a2e4c832dfa35a39204d0f7ce717d4a4a", |
| "lessThan": "815d14147068347e88c258233eb951b41b2792a6", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "4e66a52a2e4c832dfa35a39204d0f7ce717d4a4a", |
| "lessThan": "34a3466a92f50c51d984f0ec2e96864886d460eb", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "4e66a52a2e4c832dfa35a39204d0f7ce717d4a4a", |
| "lessThan": "b59ab89bc83f7bff67f78c6caf484a84a6dd30f7", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "4e66a52a2e4c832dfa35a39204d0f7ce717d4a4a", |
| "lessThan": "1def915b1564f4375330bd113ea1d768a569cfd8", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "4e66a52a2e4c832dfa35a39204d0f7ce717d4a4a", |
| "lessThan": "869f38ae07f7df829da4951c3d1f7a2be09c2e9a", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/media/i2c/tc358743.c" |
| ], |
| "versions": [ |
| { |
| "version": "4.13", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "4.13", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.287", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.231", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.174", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.120", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.64", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.12.4", |
| "lessThanOrEqual": "6.12.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.13", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.13", |
| "versionEndExcluding": "5.4.287" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.13", |
| "versionEndExcluding": "5.10.231" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.13", |
| "versionEndExcluding": "5.15.174" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.13", |
| "versionEndExcluding": "6.1.120" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.13", |
| "versionEndExcluding": "6.6.64" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.13", |
| "versionEndExcluding": "6.12.4" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.13", |
| "versionEndExcluding": "6.13" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/13193a97ddd5a6a5b11408ddbc1ae85588b1860c" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/5c9ab34c87af718bdbf9faa2b1a6ba41d15380ea" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/815d14147068347e88c258233eb951b41b2792a6" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/34a3466a92f50c51d984f0ec2e96864886d460eb" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/b59ab89bc83f7bff67f78c6caf484a84a6dd30f7" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/1def915b1564f4375330bd113ea1d768a569cfd8" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/869f38ae07f7df829da4951c3d1f7a2be09c2e9a" |
| } |
| ], |
| "title": "media: i2c: tc358743: Fix crash in the probe error path when using polling", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-56576", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
