CVE-2024-45828

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74

Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the bus cleanup path in DMA mode, which may trigger a RING OP STAT interrupt when the ring is being stopped. Depending on the timing between the ring stop request completion, interrupt handler removal, and code execution, this may lead to a NULL pointer dereference in hci dma irq handler() if it gets to run after the io data pointer is set to NULL in hci dma cleanup(). This is prevented by masking the ring interrupts before the ring stop request.

Recommendations: For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider disabling the hci dma irq handler() function until a patch is available. Restrict access to the vulnerable mipi-i3c-hci module to minimize the risk of exploitation. Avoid using the io data pointer in the affected hci dma cleanup() function until the issue is resolved.