Wind River Support Network

HomeDefectsLIN1024-7840
Fixed

LIN1024-7840 : Security Advisory - linux - CVE-2024-58056

Created: Mar 6, 2025    Updated: Mar 7, 2025
Resolved Date: Mar 7, 2025
Found In Version: 10.24.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:remoteproc: core: Fix ida_free call while not allocatedIn the rproc_alloc() function, on error, put_device(&rproc->dev) iscalled, leading to the call of the rproc_type_release() function.An error can occurs before ida_alloc is called.In such case in rproc_type_release(), the condition (rproc->index >= 0) istrue as rproc->index has been  initialized to 0.ida_free() is called reporting a warning:    4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164[    4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0[    4.188854] ida_free called for id=0 which is not allocated.[    4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000[    4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)[    4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442[    4.231481] Hardware name: STM32 (Device Tree Support)[    4.236627] Workqueue: events_unbound deferred_probe_work_func[    4.242504] Call trace:[    4.242522]  unwind_backtrace from show_stack+0x10/0x14[    4.250218]  show_stack from dump_stack_lvl+0x50/0x64[    4.255274]  dump_stack_lvl from __warn+0x80/0x12c[    4.260134]  __warn from warn_slowpath_fmt+0x114/0x188[    4.265199]  warn_slowpath_fmt from ida_free+0x100/0x164[    4.270565]  ida_free from rproc_type_release+0x38/0x60[    4.275832]  rproc_type_release from device_release+0x30/0xa0[    4.281601]  device_release from kobject_put+0xc4/0x294[    4.286762]  kobject_put from rproc_alloc.part.0+0x208/0x28c[    4.292430]  rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4[    4.298393]  devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc][    4.305575]  stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbcCalling ida_alloc earlier in rproc_alloc ensures that the rproc->index isproperly set.

CREATE(Triage):(User=admin) [CVE-2024-58056 (https://nvd.nist.gov/vuln/detail/CVE-2024-58056)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube