PT-2024-36873 · Linux+7 · Linux Kernel+7
Prakash Gupta
+1
·
Published
2024-12-27
·
Updated
2025-10-03
·
CVE-2024-56568
CVSS v3.1
4.7
Medium
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A null pointer dereference occurs due to a race between the smmu driver probe and client driver probe. This happens when
of dma configure() for the client is called after iommu device register() for the smmu driver probe has executed but before driver bound() for the smmu driver has been called. The race occurs between the smmu device probe and client device probe, leading to a null pointer being assigned to smmu and later dereferenced in arm smmu probe device(), causing the device to crash.Recommendations
To resolve the issue, update to Linux kernel version 6.6.74 or later. As a temporary workaround, consider deferring the probe of the client device until the smmu device has bound to the arm smmu driver. Restrict access to the vulnerable
arm smmu probe device() function until the issue is resolved. Avoid using the of dma configure() function in the affected API endpoint until the issue is resolved.Exploit
Fix
NULL Pointer Dereference
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu