CVE-2024-56723

Jan. 9, 2025, 8:25 p.m.

5.5
Medium

Description

In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the same for all of them.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/0350d783ab888cb1cb48ced36cc28b372723f1a4
https://git.kernel.org/stable/c/61d590d7076b50b6ebdea1f3b83bb041c01fc482
https://git.kernel.org/stable/c/6ea17c03edc7ed0aabb1431eb26e2f94849af68a
https://git.kernel.org/stable/c/7ba45b8bc62e64da524d45532107ae93eb33c93c
https://git.kernel.org/stable/c/897713c9d24f6ec394585abfcf259a6e5cad22c8
https://git.kernel.org/stable/c/b3d45c19bcffb9a9a821df759f60be39d88c19f4
https://git.kernel.org/stable/c/bb6642d4b3136359b5b620049f76515876e6127e
https://git.kernel.org/stable/c/d4cc78bd6a25accb7ae2ac9fc445d1e1deda4a62

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD-CWE-noinfo
2024-12-29
CVE-2024-56723

CVSS Score

5.5 / 10

CVSS Data

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH
    • View Vector String

    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Date

  • Published: Dec. 29, 2024, 12:15 p.m.
  • Last Modified: Jan. 9, 2025, 8:25 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.