Bug 2334556 (CVE-2024-56671) - CVE-2024-56671 kernel: gpio: graniterapids: Fix vGPIO driver crash
Summary: CVE-2024-56671 kernel: gpio: graniterapids: Fix vGPIO driver crash
Keywords:
Status: NEW
Alias: CVE-2024-56671
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-12-27 16:03 UTC by OSIDB Bzimport
Modified: 2024-12-28 02:19 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2024-12-27 16:03:19 UTC 
In the Linux kernel, the following vulnerability has been resolved:

gpio: graniterapids: Fix vGPIO driver crash

Move setting irq_chip.name from probe() function to the initialization
of "irq_chip" struct in order to fix vGPIO driver crash during bootup.

Crash was caused by unauthorized modification of irq_chip.name field
where irq_chip struct was initialized as const.

This behavior is a consequence of suboptimal implementation of
gpio_irq_chip_set_chip(), which should be changed to avoid
casting away const qualifier.

Crash log:
BUG: unable to handle page fault for address: ffffffffc0ba81c0
/#PF: supervisor write access in kernel mode
/#PF: error_code(0x0003) - permissions violation
CPU: 33 UID: 0 PID: 1075 Comm: systemd-udevd Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7 #1
Hardware name: Intel Corporation Kaseyville RP/Kaseyville RP, BIOS KVLDCRB1.PGS.0026.D73.2410081258 10/08/2024
RIP: 0010:gnr_gpio_probe+0x171/0x220 [gpio_graniterapids]
Comment 1 Avinash Hanwate 2024-12-28 02:15:58 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024122755-CVE-2024-56671-89d8@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.