{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-56724", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-12-27T15:00:39.859Z", "datePublished": "2024-12-29T11:30:01.641Z", "dateUpdated": "2024-12-29T11:30:01.641Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-29T11:30:01.641Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/mfd/intel_soc_pmic_bxtwc.c", "drivers/platform/x86/intel/bxtwc_tmu.c"], "versions": [{"version": "957ae5098185e763b5c06be6c3b4b6e98c048712", "lessThan": "b7c7c400de85d915e0da7c2c363553a801c47349", "status": "affected", "versionType": "git"}, {"version": "957ae5098185e763b5c06be6c3b4b6e98c048712", "lessThan": "c472b55cc0bc3df805db6a14f50a084884cf18ee", "status": "affected", "versionType": "git"}, {"version": "957ae5098185e763b5c06be6c3b4b6e98c048712", "lessThan": "da498e02c92e6d82df8001438dd583b90c570815", "status": "affected", "versionType": "git"}, {"version": "957ae5098185e763b5c06be6c3b4b6e98c048712", "lessThan": "56acf415772ee7e10e448b371f52b249aa2d0f7b", "status": "affected", "versionType": "git"}, {"version": "957ae5098185e763b5c06be6c3b4b6e98c048712", "lessThan": "1b734ad0e33648c3988c6a37c2ac16c2d63eda06", "status": "affected", "versionType": "git"}, {"version": "957ae5098185e763b5c06be6c3b4b6e98c048712", "lessThan": "2310f5336f32eac9ada2d59b965d578efe25c4bf", "status": "affected", "versionType": "git"}, {"version": "957ae5098185e763b5c06be6c3b4b6e98c048712", "lessThan": "5bc6d0da4a32fe34a9960de577e0b7de3454de0c", "status": "affected", "versionType": "git"}, {"version": "957ae5098185e763b5c06be6c3b4b6e98c048712", "lessThan": "9b79d59e6b2b515eb9a22bc469ef7b8f0904fc73", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/mfd/intel_soc_pmic_bxtwc.c", "drivers/platform/x86/intel/bxtwc_tmu.c"], "versions": [{"version": "4.10", "status": "affected"}, {"version": "0", "lessThan": "4.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.287", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.231", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.174", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.120", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.64", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.11", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.2", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/b7c7c400de85d915e0da7c2c363553a801c47349"}, {"url": "https://git.kernel.org/stable/c/c472b55cc0bc3df805db6a14f50a084884cf18ee"}, {"url": "https://git.kernel.org/stable/c/da498e02c92e6d82df8001438dd583b90c570815"}, {"url": "https://git.kernel.org/stable/c/56acf415772ee7e10e448b371f52b249aa2d0f7b"}, {"url": "https://git.kernel.org/stable/c/1b734ad0e33648c3988c6a37c2ac16c2d63eda06"}, {"url": "https://git.kernel.org/stable/c/2310f5336f32eac9ada2d59b965d578efe25c4bf"}, {"url": "https://git.kernel.org/stable/c/5bc6d0da4a32fe34a9960de577e0b7de3454de0c"}, {"url": "https://git.kernel.org/stable/c/9b79d59e6b2b515eb9a22bc469ef7b8f0904fc73"}], "title": "mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C90873CE-F6F9-43EE-AD2F-ECA089BAC640", "versionEndExcluding": "5.4.287", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935", "versionEndExcluding": "5.10.231", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89", "versionEndExcluding": "5.15.174", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265", "versionEndExcluding": "6.1.120", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7", "versionEndExcluding": "6.6.64", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893", "versionEndExcluding": "6.11.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776", "versionEndExcluding": "6.12.2", "versionStartIncluding": "6.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device Si bien en t\u00e9rminos de dise\u00f1o la idea de convertir el controlador para usar la jerarqu\u00eda de los chips IRQ es correcta, la implementaci\u00f3n tiene fallas (heredadas). Esto se revel\u00f3 cuando platform_get_irq() hab\u00eda iniciado WARN() en IRQ 0, que se supone que es un n\u00famero IRQ de Linux (tambi\u00e9n conocido como vIRQ). Reelabore el controlador para respetar el dominio IRQ al crear cada dispositivo MFD por separado, ya que el dominio no es el mismo para todos ellos."}], "id": "CVE-2024-56724", "lastModified": "2025-01-09T20:25:25.567", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-12-29T12:15:06.490", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1b734ad0e33648c3988c6a37c2ac16c2d63eda06"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2310f5336f32eac9ada2d59b965d578efe25c4bf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/56acf415772ee7e10e448b371f52b249aa2d0f7b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5bc6d0da4a32fe34a9960de577e0b7de3454de0c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9b79d59e6b2b515eb9a22bc469ef7b8f0904fc73"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b7c7c400de85d915e0da7c2c363553a801c47349"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c472b55cc0bc3df805db6a14f50a084884cf18ee"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/da498e02c92e6d82df8001438dd583b90c570815"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device", "id": "2334810", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334810"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them."], "name": "CVE-2024-56724", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-12-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-56724\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-56724\nhttps://lore.kernel.org/linux-cve-announce/2024122923-CVE-2024-56724-a800@gregkh/T"], "threat_severity": "Low"}