In the Linux kernel, the following vulnerability has been resolved:
scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
Otherwise, it will result in a NULL pointer dereference as below:
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace: mutexlock+0xc/0x54 platformdevicemsifreeirqsall+0x14/0x20 ufsqcomremove+0x34/0x48 [ufsqcom] platformremove+0x28/0x44 deviceremove+0x4c/0x80 devicereleasedriverinternal+0xd8/0x178 driverdetach+0x50/0x9c busremovedriver+0x6c/0xbc driverunregister+0x30/0x60 platformdriverunregister+0x14/0x20 ufsqcompltformexit+0x18/0xb94 [ufsqcom] _arm64sysdeletemodule+0x180/0x260 invokesyscall+0x44/0x100 el0svccommon.constprop.0+0xc0/0xe0 doel0svc+0x1c/0x28 el0svc+0x34/0xdc el0t64synchandler+0xc0/0xc4 el0t64_sync+0x190/0x194
[ { "signature_type": "Function", "id": "CVE-2024-56620-1d6b81f6", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f99cb5f6344ef93777fd3add7979ebf291a852df", "signature_version": "v1", "target": { "function": "ufs_qcom_remove", "file": "drivers/ufs/host/ufs-qcom.c" }, "digest": { "function_hash": "320309219497324696042407912167962927721", "length": 157.0 }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-56620-3976dcf9", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@64506b3d23a337e98a74b18dcb10c8619365f2bd", "signature_version": "v1", "target": { "file": "drivers/ufs/host/ufs-qcom.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "261623744131954557279636882671520991189", "234030568863400049900635726757775378832", "87626392262872632988051158159329225368", "153417520943457367367769774273983478668", "118864486096175695430180585470129420933", "140062055919322328799935994624056434214", "150996445237952609042184209119357811433" ] }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-56620-488e56c8", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f16a097047e38dcdd169a15e3eed1b2f2147a2e7", "signature_version": "v1", "target": { "function": "ufs_qcom_remove", "file": "drivers/ufs/host/ufs-qcom.c" }, "digest": { "function_hash": "132827980130812516190895612802285224649", "length": 168.0 }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-56620-9aa096d6", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f99cb5f6344ef93777fd3add7979ebf291a852df", "signature_version": "v1", "target": { "file": "drivers/ufs/host/ufs-qcom.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "261623744131954557279636882671520991189", "234030568863400049900635726757775378832", "87626392262872632988051158159329225368", "153417520943457367367769774273983478668", "118864486096175695430180585470129420933", "140062055919322328799935994624056434214", "150996445237952609042184209119357811433" ] }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-56620-9c706885", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@64506b3d23a337e98a74b18dcb10c8619365f2bd", "signature_version": "v1", "target": { "function": "ufs_qcom_remove", "file": "drivers/ufs/host/ufs-qcom.c" }, "digest": { "function_hash": "320309219497324696042407912167962927721", "length": 157.0 }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-56620-ea44d08b", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f16a097047e38dcdd169a15e3eed1b2f2147a2e7", "signature_version": "v1", "target": { "file": "drivers/ufs/host/ufs-qcom.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "162820779803166093581445466624733542076", "294222976325569557949579392828353714705", "87626392262872632988051158159329225368", "24543188347716742689119236228587884223", "228622690872805291133081026458005018793", "222327510472200968045041702226080410928", "311577366786356318459617369393833007351" ] }, "deprecated": false } ]