cve/published/2024/CVE-2024-57978.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-57978: media: imx-jpeg: Fix potential error pointer dereference in detach_pm()

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 media: imx-jpeg: Fix potential error pointer dereference in detach_pm()

 The proble is on the first line:

 	if (jpeg->pd_dev[i] && !pm_runtime_suspended(jpeg->pd_dev[i]))

 If jpeg->pd_dev[i] is an error pointer, then passing it to
 pm_runtime_suspended() will lead to an Oops.  The other conditions
 check for both error pointers and NULL, but it would be more clear to
 use the IS_ERR_OR_NULL() check for that.

 The Linux kernel CVE team has assigned CVE-2024-57978 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 5.15.174 with commit f3c4e088ec01cae45931a18ddf7cae0f4d72e1c5 and fixed in 5.15.179 with commit a32ba399a030853f2db45a90ba5474fdd3494aad
 	Issue introduced in 6.1.120 with commit 12914fd765ba4f9d6a9a50439e8dd2e9f91423f2 and fixed in 6.1.129 with commit fde89fe11b44500bfcb2d405825b69a5df805d19
 	Issue introduced in 6.6.64 with commit b7a830bbc25da0f641e3ef2bac3b1766b2777a8b and fixed in 6.6.76 with commit 1b2af918bb714937a8be6cb637f528585461cd98
 	Issue introduced in 6.12.4 with commit 2f86d104539fab9181ea7b5721f40e7b92a8bf67 and fixed in 6.12.13 with commit 6e601a64f7777e2f78c02db1a8b5ba3b7c5e9e31
 	Issue introduced in 6.13 with commit fd0af4cd35da0eb550ef682b71cda70a4e36f6b9 and fixed in 6.13.2 with commit f0b8535a7885ed4fd0b11625addb5476cae0f845
 	Issue introduced in 6.13 with commit fd0af4cd35da0eb550ef682b71cda70a4e36f6b9 and fixed in 6.14 with commit 1378ffec30367233152b7dbf4fa6a25ee98585d1

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-57978
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/a32ba399a030853f2db45a90ba5474fdd3494aad
 	https://git.kernel.org/stable/c/fde89fe11b44500bfcb2d405825b69a5df805d19
 	https://git.kernel.org/stable/c/1b2af918bb714937a8be6cb637f528585461cd98
 	https://git.kernel.org/stable/c/6e601a64f7777e2f78c02db1a8b5ba3b7c5e9e31
 	https://git.kernel.org/stable/c/f0b8535a7885ed4fd0b11625addb5476cae0f845
 	https://git.kernel.org/stable/c/1378ffec30367233152b7dbf4fa6a25ee98585d1
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-57978: media: imx-jpeg: Fix potential error pointer dereference in detach_pm()

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	media: imx-jpeg: Fix potential error pointer dereference in detach_pm()

	The proble is on the first line:

	if (jpeg->pd_dev[i] && !pm_runtime_suspended(jpeg->pd_dev[i]))

	If jpeg->pd_dev[i] is an error pointer, then passing it to
	pm_runtime_suspended() will lead to an Oops. The other conditions
	check for both error pointers and NULL, but it would be more clear to
	use the IS_ERR_OR_NULL() check for that.

	The Linux kernel CVE team has assigned CVE-2024-57978 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 5.15.174 with commit f3c4e088ec01cae45931a18ddf7cae0f4d72e1c5 and fixed in 5.15.179 with commit a32ba399a030853f2db45a90ba5474fdd3494aad
	Issue introduced in 6.1.120 with commit 12914fd765ba4f9d6a9a50439e8dd2e9f91423f2 and fixed in 6.1.129 with commit fde89fe11b44500bfcb2d405825b69a5df805d19
	Issue introduced in 6.6.64 with commit b7a830bbc25da0f641e3ef2bac3b1766b2777a8b and fixed in 6.6.76 with commit 1b2af918bb714937a8be6cb637f528585461cd98
	Issue introduced in 6.12.4 with commit 2f86d104539fab9181ea7b5721f40e7b92a8bf67 and fixed in 6.12.13 with commit 6e601a64f7777e2f78c02db1a8b5ba3b7c5e9e31
	Issue introduced in 6.13 with commit fd0af4cd35da0eb550ef682b71cda70a4e36f6b9 and fixed in 6.13.2 with commit f0b8535a7885ed4fd0b11625addb5476cae0f845
	Issue introduced in 6.13 with commit fd0af4cd35da0eb550ef682b71cda70a4e36f6b9 and fixed in 6.14 with commit 1378ffec30367233152b7dbf4fa6a25ee98585d1

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-57978
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/a32ba399a030853f2db45a90ba5474fdd3494aad
	https://git.kernel.org/stable/c/fde89fe11b44500bfcb2d405825b69a5df805d19
	https://git.kernel.org/stable/c/1b2af918bb714937a8be6cb637f528585461cd98
	https://git.kernel.org/stable/c/6e601a64f7777e2f78c02db1a8b5ba3b7c5e9e31
	https://git.kernel.org/stable/c/f0b8535a7885ed4fd0b11625addb5476cae0f845
	https://git.kernel.org/stable/c/1378ffec30367233152b7dbf4fa6a25ee98585d1