CVE-2024-27002

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a mutual dependency between mt8183-mfgcfg and genpd during the probing stage, leading to a deadlock. The deadlock occurs in the call stack involving genpd lock and clk prepare lock. To resolve this, a runtime PM get is performed on controllers during the probe function to prevent clk register from acquiring the genpd lock. This change is applied to all Mediatek clock controller probings. The issue was verified on MT8183 and MT8192 Chromebooks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

AZL-54592

BDU:2025-02920

CVE-2024-27002

DSA-5680-1

MGASA-2024-0263

MGASA-2024-0266

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20249-1

USN-6893-1

USN-6893-2

USN-6893-3

USN-6918-1

Affected Products

Astra Linux

Debian

Linuxmint

Mt8183

Mt8192

Red Os

Suse

Ubuntu

CVE-2024-27002

Weakness Enumeration

Related Identifiers

Affected Products

References · 3010