PT-2024-29180 · Linux+7 · Linux Kernel+7

Published

2024-04-22

·

Updated

2026-03-14

·

CVE-2024-40965

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A deadlock has been observed in the Linux kernel when adding the tlv320aic32x4 audio codec to the system. This occurs because the clock provider needs to access i2c, which in turn requires the mutex for clk get rate. To resolve this issue, the clock rate is locked and cached instead of repeatedly calling clk get rate for each transfer.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-833CWE-667

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
AZL-48957
AZL-48969
BDU:2025-03026
CVE-2024-40965
ECHO-258C-37D0-876F
INFSA-2024_9315
OESA-2025-1095
OESA-2025-1096
OESA-2025-1097
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3983-1
OPENSUSE-SU-2024_3985-1
RHSA-2024:9315
RHSA-2024_9315
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3983-1
SUSE-SU-2024:3985-1
SUSE-SU-2024:4100-1
SUSE-SU-2024:4364-1
SUSE-SU-2025:0034-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-6999-1
USN-6999-2
USN-7004-1
USN-7005-1
USN-7005-2
USN-7008-1
USN-7029-1
USN-7288-1
USN-7288-2
USN-7289-1
USN-7289-2
USN-7289-3
USN-7289-4
USN-7291-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7305-1
USN-7308-1
USN-7331-1
USN-7388-1
USN-7389-1
USN-7390-1
USN-7393-1
USN-7401-1
USN-7413-1
USN-7458-1
USN-7539-1
USN-7540-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu