CVE-2024-56625

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-56625
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56625.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-56625
Downstream
Related
Published
2024-12-27T14:51:28.206Z
Modified
2026-03-11T07:45:14.023132Z
Summary
can: dev: can_set_termination(): allow sleeping GPIOs
Details

In the Linux kernel, the following vulnerability has been resolved:

can: dev: cansettermination(): allow sleeping GPIOs

In commit 6e86a1543c37 ("can: dev: provide optional GPIO based termination support") GPIO based termination support was added.

For no particular reason that patch uses gpiodsetvalue() to set the GPIO. This leads to the following warning, if the systems uses a sleeping GPIO, i.e. behind an I2C port expander:

| WARNING: CPU: 0 PID: 379 at /drivers/gpio/gpiolib.c:3496 gpiodsetvalue+0x50/0x6c | CPU: 0 UID: 0 PID: 379 Comm: ip Not tainted 6.11.0-20241016-1 #1 823affae360cc91126e4d316d7a614a8bf86236c

Replace gpiodsetvalue() by gpiodsetvalue_cansleep() to allow the use of sleeping GPIOs.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56625.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6e86a1543c378f2e8837ad88f361b7bf606c80f7
Fixed
faa0a1975a6fbce30616775216606eb8d6388ea1
Fixed
46637a608fb1ee871a0ad8bf70d917d5d95ac251
Fixed
1ac442f25c19953d2f33b92549628b0aeac83db6
Fixed
3b0c5bb437d31a9864f633b85cbc42d2f6c51c96
Fixed
ee1dfbdd8b4b6de85e96ae2059dc9c1bdb6b49b5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56625.json"