CVE-2024-42127Improper Control of a Resource Through its Lifetime in Linux

CWE-664Improper Control of a Resource Through its Lifetime49 documents6 sources
Severity
5.5MEDIUMNVD
OSV7.8OSV5.3
EPSS
0.0%
top 96.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedJul 30
Latest updateDec 12

Description

In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and the interrupts stay registered until the very end of the remove process due to the devm usage. This is potentially a bug as the interrupts access device registers which assumes clocks are enabled. A crash can be triggered

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDlinux/linux_kernel5.25.4.280+5
Debianlinux/linux_kernel< 5.10.223-1+3
Ubuntulinux/linux_kernel< 5.4.0-195.215+2
CVEListV5linux/linuxa1d2a6339961efc078208dc3b2f006e9e9a8e1190d60c43df59ef01c08dc7b0c45495178f9d05a13+7
debiandebian/linux< linux 6.1.98-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

24
OSV
linux-gkeop vulnerabilities2024-12-12
OSV
linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities2024-11-19
OSV
linux-gke vulnerabilities2024-11-15
OSV
linux-raspi vulnerabilities2024-11-14
OSV
linux-oem-6.8 vulnerabilities2024-11-13

📋Vendor Advisories

24
Ubuntu
Linux kernel (GKE) vulnerabilities2024-12-12
Ubuntu
Linux kernel (Low Latency) vulnerabilities2024-11-19
Ubuntu
Linux kernel vulnerabilities2024-11-15
Ubuntu
Linux kernel vulnerabilities2024-11-14
Ubuntu
Linux kernel vulnerabilities2024-11-13