CVE-2024-56620

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-56620
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56620.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-56620
Downstream
Related
Published
2024-12-27T14:51:24Z
Modified
2025-10-17T18:34:49.723416Z
Summary
scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: qcom: Only free platform MSIs when ESI is enabled

Otherwise, it will result in a NULL pointer dereference as below:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace: mutexlock+0xc/0x54 platformdevicemsifreeirqsall+0x14/0x20 ufsqcomremove+0x34/0x48 [ufsqcom] platformremove+0x28/0x44 deviceremove+0x4c/0x80 devicereleasedriverinternal+0xd8/0x178 driverdetach+0x50/0x9c busremovedriver+0x6c/0xbc driverunregister+0x30/0x60 platformdriverunregister+0x14/0x20 ufsqcompltformexit+0x18/0xb94 [ufsqcom] _arm64sysdeletemodule+0x180/0x260 invokesyscall+0x44/0x100 el0svccommon.constprop.0+0xc0/0xe0 doel0svc+0x1c/0x28 el0svc+0x34/0xdc el0t64synchandler+0xc0/0xc4 el0t64_sync+0x190/0x194

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
519b6274a7775f5fe00a086f189efb8f063467d1
Fixed
f16a097047e38dcdd169a15e3eed1b2f2147a2e7
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
519b6274a7775f5fe00a086f189efb8f063467d1
Fixed
f99cb5f6344ef93777fd3add7979ebf291a852df
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
519b6274a7775f5fe00a086f189efb8f063467d1
Fixed
64506b3d23a337e98a74b18dcb10c8619365f2bd

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.2
v6.12.3
v6.12.4
v6.2
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.79
v6.6.8
v6.6.80
v6.6.81
v6.6.82
v6.6.83
v6.6.84
v6.6.85
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "id": "CVE-2024-56620-1d6b81f6",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f99cb5f6344ef93777fd3add7979ebf291a852df",
        "signature_version": "v1",
        "target": {
            "function": "ufs_qcom_remove",
            "file": "drivers/ufs/host/ufs-qcom.c"
        },
        "digest": {
            "function_hash": "320309219497324696042407912167962927721",
            "length": 157.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-56620-3976dcf9",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@64506b3d23a337e98a74b18dcb10c8619365f2bd",
        "signature_version": "v1",
        "target": {
            "file": "drivers/ufs/host/ufs-qcom.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "261623744131954557279636882671520991189",
                "234030568863400049900635726757775378832",
                "87626392262872632988051158159329225368",
                "153417520943457367367769774273983478668",
                "118864486096175695430180585470129420933",
                "140062055919322328799935994624056434214",
                "150996445237952609042184209119357811433"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2024-56620-488e56c8",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f16a097047e38dcdd169a15e3eed1b2f2147a2e7",
        "signature_version": "v1",
        "target": {
            "function": "ufs_qcom_remove",
            "file": "drivers/ufs/host/ufs-qcom.c"
        },
        "digest": {
            "function_hash": "132827980130812516190895612802285224649",
            "length": 168.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-56620-9aa096d6",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f99cb5f6344ef93777fd3add7979ebf291a852df",
        "signature_version": "v1",
        "target": {
            "file": "drivers/ufs/host/ufs-qcom.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "261623744131954557279636882671520991189",
                "234030568863400049900635726757775378832",
                "87626392262872632988051158159329225368",
                "153417520943457367367769774273983478668",
                "118864486096175695430180585470129420933",
                "140062055919322328799935994624056434214",
                "150996445237952609042184209119357811433"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2024-56620-9c706885",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@64506b3d23a337e98a74b18dcb10c8619365f2bd",
        "signature_version": "v1",
        "target": {
            "function": "ufs_qcom_remove",
            "file": "drivers/ufs/host/ufs-qcom.c"
        },
        "digest": {
            "function_hash": "320309219497324696042407912167962927721",
            "length": 157.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-56620-ea44d08b",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f16a097047e38dcdd169a15e3eed1b2f2147a2e7",
        "signature_version": "v1",
        "target": {
            "file": "drivers/ufs/host/ufs-qcom.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "162820779803166093581445466624733542076",
                "294222976325569557949579392828353714705",
                "87626392262872632988051158159329225368",
                "24543188347716742689119236228587884223",
                "228622690872805291133081026458005018793",
                "222327510472200968045041702226080410928",
                "311577366786356318459617369393833007351"
            ]
        },
        "deprecated": false
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.3.0
Fixed
6.6.86
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.5