CVE-2024-35909

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-35909
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35909.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-35909
Downstream
Related
Published
2024-05-19T08:35:02Z
Modified
2025-10-09T09:10:06.342545Z
Summary
net: wwan: t7xx: Split 64bit accesses to fix alignment issues
Details

In the Linux kernel, the following vulnerability has been resolved:

net: wwan: t7xx: Split 64bit accesses to fix alignment issues

Some of the registers are aligned on a 32bit boundary, causing alignment faults on 64bit platforms.

Unable to handle kernel paging request at virtual address ffffffc084a1d004 Mem abort info: ESR = 0x0000000096000061 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x21: alignment fault Data abort info: ISV = 0, ISS = 0x00000061, ISS2 = 0x00000000 CM = 0, WnR = 1, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000046ad6000 [ffffffc084a1d004] pgd=100000013ffff003, p4d=100000013ffff003, pud=100000013ffff003, pmd=0068000020a00711 Internal error: Oops: 0000000096000061 [#1] SMP Modules linked in: mtkt7xx(+) qcserial pppoe pppasync option nftfibinet nfflowtableinet mt7921u(O) mt7921s(O) mt7921e(O) mt7921common(O) iwlmvm(O) iwldvm(O) usbwwan rndishost qmiwwan pppox pppgeneric nftrejectipv6 nftrejectipv4 nftrejectinet nftreject nftredir nftquota nftnumgen nftnat nftmasq nftlog nftlimit nfthash nftflowoffload nftfibipv6 nftfibipv4 nftfib nftct nftchainnat nftables nfnat nfflowtable nfconntrack mt7996e(O) mt792xusb(O) mt792xlib(O) mt7915e(O) mt76usb(O) mt76sdio(O) mt76connaclib(O) mt76(O) mac80211(O) iwlwifi(O) huaweicdcncm cfg80211(O) cdcncm cdcether wwan usbserial usbnet slhc sfp rtcpcf8563 nfnetlink nfrejectipv6 nfrejectipv4 nflogsyslog nfdefragipv6 nfdefragipv4 mt6577auxadc mdioi2c libcrc32c compat(O) cdcwdm cdcacm at24 cryptosafexcel pwmfan i2cgpio i2csmbus industrialio i2calgobit i2cmuxreg i2cmuxpca954x i2cmuxpca9541 i2cmuxgpio i2cmux dummy oidregistry tun sha512arm64 sha1ce sha1generic seqiv md5 geniv desgeneric libdes cbc authencesn authenc ledsgpio xhciplathcd xhcipci xhcimtkhcd xhcihcd nvme nvmecore gpiobuttonhotplug(O) dmmirror dmregionhash dmlog dmcrypt dmmod dax usbcore usbcommon ptp aquantia ppscore mii tpm encryptedkeys trusted CPU: 3 PID: 5266 Comm: kworker/u9:1 Tainted: G O 6.6.22 #0 Hardware name: Bananapi BPI-R4 (DT) Workqueue: mdhkwq t7xxfsmuninit [mtkt7xx] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : t7xxcldmahwsetstartaddr+0x1c/0x3c [mtkt7xx] lr : t7xxcldmastart+0xac/0x13c [mtkt7xx] sp : ffffffc085d63d30 x29: ffffffc085d63d30 x28: 0000000000000000 x27: 0000000000000000 x26: 0000000000000000 x25: ffffff80c804f2c0 x24: ffffff80ca196c05 x23: 0000000000000000 x22: ffffff80c814b9b8 x21: ffffff80c814b128 x20: 0000000000000001 x19: ffffff80c814b080 x18: 0000000000000014 x17: 0000000055c9806b x16: 000000007c5296d0 x15: 000000000f6bca68 x14: 00000000dbdbdce4 x13: 000000001aeaf72a x12: 0000000000000001 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : ffffff80ca1ef6b4 x7 : ffffff80c814b818 x6 : 0000000000000018 x5 : 0000000000000870 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 000000010a947000 x1 : ffffffc084a1d004 x0 : ffffffc084a1d004 Call trace: t7xxcldmahwsetstartaddr+0x1c/0x3c [mtkt7xx] t7xxfsmuninit+0x578/0x5ec [mtkt7xx] processonework+0x154/0x2a0 workerthread+0x2ac/0x488 kthread+0xe0/0xec retfromfork+0x10/0x20 Code: f9400800 91001000 8b214001 d50332bf (f9000022) ---[ end trace 0000000000000000 ]---

The inclusion of io-64-nonatomic-lo-hi.h indicates that all 64bit accesses can be replaced by pairs of nonatomic 32bit access. Fix alignment by forcing all accesses to be 32bit on 64bit platforms.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
39d439047f1dc88f98b755d6f3a53a4ef8f0de21
Fixed
beaf0e7996b79e06ccc2bdcb4442fbaeccc31200
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
39d439047f1dc88f98b755d6f3a53a4ef8f0de21
Fixed
2e22c9cb618716b8e557fe17c3d4958171288082
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
39d439047f1dc88f98b755d6f3a53a4ef8f0de21
Fixed
b4fdb3c197e35f655b2d9b6759ce29440eacdfda
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
39d439047f1dc88f98b755d6f3a53a4ef8f0de21
Fixed
7d5a7dd5a35876f0ecc286f3602a88887a788217

Affected versions

v5.*

v5.18
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.19.0
Fixed
6.1.85
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.26
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.8.5