Bug 2350382 (CVE-2024-58076) - CVE-2024-58076 kernel: clk: qcom: gcc-sm6350: Add missing parent_map for two clocks
Summary: CVE-2024-58076 kernel: clk: qcom: gcc-sm6350: Add missing parent_map for two ...
Keywords:
Status: NEW
Alias: CVE-2024-58076
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-03-06 17:01 UTC by OSIDB Bzimport
Modified: 2025-04-02 13:20 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-03-06 17:01:08 UTC 
In the Linux kernel, the following vulnerability has been resolved:

clk: qcom: gcc-sm6350: Add missing parent_map for two clocks

If a clk_rcg2 has a parent, it should also have parent_map defined,
otherwise we'll get a NULL pointer dereference when calling clk_set_rate
like the following:

  [    3.388105] Call trace:
  [    3.390664]  qcom_find_src_index+0x3c/0x70 (P)
  [    3.395301]  qcom_find_src_index+0x1c/0x70 (L)
  [    3.399934]  _freq_tbl_determine_rate+0x48/0x100
  [    3.404753]  clk_rcg2_determine_rate+0x1c/0x28
  [    3.409387]  clk_core_determine_round_nolock+0x58/0xe4
  [    3.421414]  clk_core_round_rate_nolock+0x48/0xfc
  [    3.432974]  clk_core_round_rate_nolock+0xd0/0xfc
  [    3.444483]  clk_core_set_rate_nolock+0x8c/0x300
  [    3.455886]  clk_set_rate+0x38/0x14c

Add the parent_map property for two clocks where it's missing and also
un-inline the parent_data as well to keep the matching parent_map and
parent_data together.
Comment 1 Mauro Matteo Cascella 2025-03-06 20:25:56 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025030608-CVE-2024-58076-3dcc@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.