VDB

CISA-2024-42100

CISA-2024-42100 PUBLISHED

Reported by Linux · Published July 30, 2024

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: common: Don't call hw_to_ccu_common on hw without common In order to set the rate range of a hw sunxi_ccu_probe calls hw_to_ccu_common() assuming all entries in desc->ccu_clks are contained in a ccu_common struct. This assumption is incorrect and, in consequence, causes invalid pointer de-references. Remove the faulty call. Instead, add one more loop that iterates over the ccu_clks and sets the rate range, if required.

Affected Products

VendorProductVersions
LinuxLinux547263745e15a038ec3954b5c283805529377626, b914ec33b391ec766545a41f0cfc0de3e0b388d7, b914ec33b391ec766545a41f0cfc0de3e0b388d7
LinuxLinux6.9, 0, 6.6.39
linuxlinux_kernel6.6.31, 6.9, 6.9
LinuxLinux547263745e15a038ec3954b5c283805529377626, b914ec33b391ec766545a41f0cfc0de3e0b388d7, b914ec33b391ec766545a41f0cfc0de3e0b388d7

Timeline

  • Jul 30, 2024 CVE Published
  • May 4, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›