AZL-56131

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-56131.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-56131

Upstream

CVE-2024-45828

Published

2025-01-11T13:15:21Z

Modified

2026-04-01T05:18:48.219156Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-45828 affecting package kernel for versions less than 6.6.76.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request

Bus cleanup path in DMA mode may trigger a RINGOPSTAT interrupt when the ring is being stopped. Depending on timing between ring stop request completion, interrupt handler removal and code execution this may lead to a NULL pointer dereference in hcidmairqhandler() if it gets to run after the iodata pointer is set to NULL in hcidmacleanup().

Prevent this my masking the ring interrupts before ring stop request.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-45828

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.76.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-56131.json"