CVE-2024-36898
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-36898
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36898.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-36898
- Downstream
- Related
- Published
- 2024-05-30T15:29:02Z
- Modified
- 2025-10-17T06:15:05.521961Z
- Summary
- gpiolib: cdev: fix uninitialised kfifo
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
gpiolib: cdev: fix uninitialised kfifo
If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to contain edge events is overlooked. This results in events being written to and read from an uninitialised kfifo. Read events are returned to userspace.
Initialise the kfifo in the case where the software debounce is already active.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1a51e24404d77bb3307c1e39eee0d8e86febb1a5
- https://git.kernel.org/stable/c/883e4bbf06eb5fb7482679e4edb201093e9f55a2
- https://git.kernel.org/stable/c/bd7139a70ee8d8ea872b223e043730cf6f5e2b0e
- https://git.kernel.org/stable/c/ee0166b637a5e376118e9659e5b4148080f1d27e
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced65cff70464068a823b3f4a28074000febdce0630Fixed1a51e24404d77bb3307c1e39eee0d8e86febb1a5
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced65cff70464068a823b3f4a28074000febdce0630Fixed883e4bbf06eb5fb7482679e4edb201093e9f55a2
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced65cff70464068a823b3f4a28074000febdce0630Fixedbd7139a70ee8d8ea872b223e043730cf6f5e2b0e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced65cff70464068a823b3f4a28074000febdce0630Fixedee0166b637a5e376118e9659e5b4148080f1d27e
Affected versions
v5.*
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.9
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.9
v6.1.90
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"id": "CVE-2024-36898-14f314e7",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ee0166b637a5e376118e9659e5b4148080f1d27e",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "edge_detector_update",
"file": "drivers/gpio/gpiolib-cdev.c"
},
"digest": {
"function_hash": "126935987133949618178871995918722775356",
"length": 589.0
}
},
{
"signature_type": "Function",
"id": "CVE-2024-36898-4117c24a",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@883e4bbf06eb5fb7482679e4edb201093e9f55a2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "edge_detector_update",
"file": "drivers/gpio/gpiolib-cdev.c"
},
"digest": {
"function_hash": "126935987133949618178871995918722775356",
"length": 589.0
}
},
{
"signature_type": "Function",
"id": "CVE-2024-36898-6a3f886c",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bd7139a70ee8d8ea872b223e043730cf6f5e2b0e",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "edge_detector_update",
"file": "drivers/gpio/gpiolib-cdev.c"
},
"digest": {
"function_hash": "126935987133949618178871995918722775356",
"length": 589.0
}
},
{
"signature_type": "Line",
"id": "CVE-2024-36898-75cdcf17",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@883e4bbf06eb5fb7482679e4edb201093e9f55a2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpiolib-cdev.c"
},
"digest": {
"line_hashes": [
"289730372367001417290569218062322967936",
"175067666122617172752962199125144925518",
"113920064654407728015234975518025315932",
"186214307278239809781920672264302132751",
"104870743481483708336619300775115988354",
"77335619646978550050524724566422529046",
"174113004661203816230067157816340911369",
"216099437079770842606998723117198313733"
],
"threshold": 0.9
}
},
{
"signature_type": "Line",
"id": "CVE-2024-36898-bbcc1bbf",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ee0166b637a5e376118e9659e5b4148080f1d27e",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpiolib-cdev.c"
},
"digest": {
"line_hashes": [
"289730372367001417290569218062322967936",
"175067666122617172752962199125144925518",
"113920064654407728015234975518025315932",
"186214307278239809781920672264302132751",
"104870743481483708336619300775115988354",
"77335619646978550050524724566422529046",
"174113004661203816230067157816340911369",
"216099437079770842606998723117198313733"
],
"threshold": 0.9
}
},
{
"signature_type": "Line",
"id": "CVE-2024-36898-bd06e220",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1a51e24404d77bb3307c1e39eee0d8e86febb1a5",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpiolib-cdev.c"
},
"digest": {
"line_hashes": [
"289730372367001417290569218062322967936",
"175067666122617172752962199125144925518",
"113920064654407728015234975518025315932",
"186214307278239809781920672264302132751",
"104870743481483708336619300775115988354",
"77335619646978550050524724566422529046",
"174113004661203816230067157816340911369",
"216099437079770842606998723117198313733"
],
"threshold": 0.9
}
},
{
"signature_type": "Function",
"id": "CVE-2024-36898-f2354a94",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1a51e24404d77bb3307c1e39eee0d8e86febb1a5",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "edge_detector_update",
"file": "drivers/gpio/gpiolib-cdev.c"
},
"digest": {
"function_hash": "126935987133949618178871995918722775356",
"length": 589.0
}
},
{
"signature_type": "Line",
"id": "CVE-2024-36898-fb8b1821",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bd7139a70ee8d8ea872b223e043730cf6f5e2b0e",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpiolib-cdev.c"
},
"digest": {
"line_hashes": [
"289730372367001417290569218062322967936",
"175067666122617172752962199125144925518",
"113920064654407728015234975518025315932",
"186214307278239809781920672264302132751",
"104870743481483708336619300775115988354",
"77335619646978550050524724566422529046",
"174113004661203816230067157816340911369",
"216099437079770842606998723117198313733"
],
"threshold": 0.9
}
}
]