{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-56723", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-12-27T15:00:39.858Z", "datePublished": "2024-12-29T11:30:00.812Z", "dateUpdated": "2024-12-29T11:30:00.812Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-29T11:30:00.812Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/mfd/intel_soc_pmic_bxtwc.c"], "versions": [{"version": "57129044f5044dcd73c22d91491906104bd331fd", "lessThan": "6ea17c03edc7ed0aabb1431eb26e2f94849af68a", "status": "affected", "versionType": "git"}, {"version": "57129044f5044dcd73c22d91491906104bd331fd", "lessThan": "61d590d7076b50b6ebdea1f3b83bb041c01fc482", "status": "affected", "versionType": "git"}, {"version": "57129044f5044dcd73c22d91491906104bd331fd", "lessThan": "bb6642d4b3136359b5b620049f76515876e6127e", "status": "affected", "versionType": "git"}, {"version": "57129044f5044dcd73c22d91491906104bd331fd", "lessThan": "7ba45b8bc62e64da524d45532107ae93eb33c93c", "status": "affected", "versionType": "git"}, {"version": "57129044f5044dcd73c22d91491906104bd331fd", "lessThan": "d4cc78bd6a25accb7ae2ac9fc445d1e1deda4a62", "status": "affected", "versionType": "git"}, {"version": "57129044f5044dcd73c22d91491906104bd331fd", "lessThan": "897713c9d24f6ec394585abfcf259a6e5cad22c8", "status": "affected", "versionType": "git"}, {"version": "57129044f5044dcd73c22d91491906104bd331fd", "lessThan": "b3d45c19bcffb9a9a821df759f60be39d88c19f4", "status": "affected", "versionType": "git"}, {"version": "57129044f5044dcd73c22d91491906104bd331fd", "lessThan": "0350d783ab888cb1cb48ced36cc28b372723f1a4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/mfd/intel_soc_pmic_bxtwc.c"], "versions": [{"version": "4.13", "status": "affected"}, {"version": "0", "lessThan": "4.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.287", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.231", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.174", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.120", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.64", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.11", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.2", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/6ea17c03edc7ed0aabb1431eb26e2f94849af68a"}, {"url": "https://git.kernel.org/stable/c/61d590d7076b50b6ebdea1f3b83bb041c01fc482"}, {"url": "https://git.kernel.org/stable/c/bb6642d4b3136359b5b620049f76515876e6127e"}, {"url": "https://git.kernel.org/stable/c/7ba45b8bc62e64da524d45532107ae93eb33c93c"}, {"url": "https://git.kernel.org/stable/c/d4cc78bd6a25accb7ae2ac9fc445d1e1deda4a62"}, {"url": "https://git.kernel.org/stable/c/897713c9d24f6ec394585abfcf259a6e5cad22c8"}, {"url": "https://git.kernel.org/stable/c/b3d45c19bcffb9a9a821df759f60be39d88c19f4"}, {"url": "https://git.kernel.org/stable/c/0350d783ab888cb1cb48ced36cc28b372723f1a4"}], "title": "mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3FC0E85-A276-4943-A145-65EB84DFBC0E", "versionEndExcluding": "5.4.287", "versionStartIncluding": "4.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935", "versionEndExcluding": "5.10.231", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89", "versionEndExcluding": "5.15.174", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265", "versionEndExcluding": "6.1.120", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7", "versionEndExcluding": "6.6.64", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893", "versionEndExcluding": "6.11.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776", "versionEndExcluding": "6.12.2", "versionStartIncluding": "6.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mfd: intel_soc_pmic_bxtwc: Utilizar dominio IRQ para dispositivos PMIC Si bien en cuanto al dise\u00f1o la idea de convertir el controlador para utilizar la jerarqu\u00eda de los chips IRQ es correcta, la implementaci\u00f3n tiene fallas (heredadas). Esto se revel\u00f3 cuando platform_get_irq() hab\u00eda iniciado WARN() en IRQ 0 que se supone que es un n\u00famero IRQ de Linux (tambi\u00e9n conocido como vIRQ). Reelabore el controlador para respetar el dominio IRQ al crear cada dispositivo MFD por separado, ya que el dominio no es el mismo para todos ellos."}], "id": "CVE-2024-56723", "lastModified": "2025-01-09T20:25:59.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-12-29T12:15:06.390", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0350d783ab888cb1cb48ced36cc28b372723f1a4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/61d590d7076b50b6ebdea1f3b83bb041c01fc482"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6ea17c03edc7ed0aabb1431eb26e2f94849af68a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7ba45b8bc62e64da524d45532107ae93eb33c93c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/897713c9d24f6ec394585abfcf259a6e5cad22c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b3d45c19bcffb9a9a821df759f60be39d88c19f4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bb6642d4b3136359b5b620049f76515876e6127e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d4cc78bd6a25accb7ae2ac9fc445d1e1deda4a62"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices", "id": "2334830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334830"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them."], "name": "CVE-2024-56723", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-12-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-56723\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-56723\nhttps://lore.kernel.org/linux-cve-announce/2024122923-CVE-2024-56723-f74b@gregkh/T"], "threat_severity": "Low"}