AZL-57725

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-57725.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-57725

Upstream

CVE-2024-26876

Published

2024-04-17T11:15:09Z

Modified

2026-04-01T05:19:11.433617Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-26876 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/bridge: adv7511: fix crash on irq during probe

Moved IRQ registration down to end of adv7511_probe().

If an IRQ already is pending during adv7511probe (before adv7511cecinit) then cecreceivedmsgts could crash using uninitialized data:

Unable to handle kernel read from unreadable memory at virtual address 00000000000003d5
Internal error: Oops: 96000004 [#1] PREEMPT_RT SMP
Call trace:
 cec_received_msg_ts+0x48/0x990 [cec]
 adv7511_cec_irq_process+0x1cc/0x308 [adv7511]
 adv7511_irq_process+0xd8/0x120 [adv7511]
 adv7511_irq_handler+0x1c/0x30 [adv7511]
 irq_thread_fn+0x30/0xa0
 irq_thread+0x14c/0x238
 kthread+0x190/0x1a8

References

https://nvd.nist.gov/vuln/detail/CVE-2024-26876

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-57725.json"