PT-2024-37066 · Linux+7 · Linux Kernel+7

Published

2024-12-29

·

Updated

2025-10-03

·

CVE-2024-56754

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved, specifically in the crypto: caam module. The issue was caused by a type mismatch in the caam qi shutdown() function, where the last parameter passed to devm add action or reset() was of type struct caam drv private * but was casted to struct device *. This has been fixed by passing the correct parameter to devm add action or reset() to ensure resources are released as expected.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALT-PU-2024-17893
ALT-PU-2025-12647
AZL-54753
AZL-54836
BDU:2025-05085
CVE-2024-56754
DLA-4075-1
DLA-4076-1
OESA-2025-1202
OESA-2025-1203
OESA-2025-1286
OESA-2025-1450
OPENSUSE-SU-2025_0117-1
OPENSUSE-SU-2025_0153-1
OPENSUSE-SU-2025_0154-1
OPENSUSE-SU-2025_0556-1
OPENSUSE-SU-2025_0577-1
SUSE-SU-2025:0117-1
SUSE-SU-2025:0153-1
SUSE-SU-2025:0154-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0556-1
SUSE-SU-2025:0577-1
SUSE-SU-2025:0577-2
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0577-1
SUSE-SU-2025_0577-2
USN-7276-1
USN-7277-1
USN-7310-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7407-1
USN-7421-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu