PT-2024-36881 · Linux+6 · Linux Kernel+6
Published: 2024-12-27 · Updated: 2025-10-03
CVE-2024-56575
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.36-gd23d64eea511
Description
A vulnerability in the Linux kernel has been resolved, specifically in the media: imx-jpeg component. The issue arises when power suppliers are not properly suspended before being detached, which can lead to a kernel panic. This occurs because dev_pm_domain_detach() requires the caller to ensure proper synchronization with power management callbacks. If this is not handled correctly, the detach may result in a kernel panic, as indicated by the error messages provided.
Recommendations
To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, versions after 6.6.36-gd23d64eea511 should include the necessary corrections. As a temporary workaround, consider disabling the genpd_runtime_suspend() function until a patch is available. However, this should be approached with caution, as it may have unintended consequences on system functionality.
Exploit
Fix
NULL Pointer Dereference
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu