CVE-2024-58003
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-58003
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58003.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-58003
- Downstream
- Related
- Published
- 2025-02-27T02:12:00Z
- Modified
- 2025-10-17T14:43:32.607066Z
- Summary
- media: i2c: ds90ub9x3: Fix extra fwnode_handle_put()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
media: i2c: ds90ub9x3: Fix extra fwnodehandleput()
The ub913 and ub953 drivers call fwnodehandleput(priv->sd.fwnode) as part of their remove process, and if the driver is removed multiple times, eventually leads to put "overflow", possibly causing memory corruption or crash.
The fwnodehandleput() is a leftover from commit 905f88ccebb1 ("media: i2c: ds90ub9x3: Fix sub-device matching"), which changed the code related to the sd.fwnode, but missed removing these fwnodehandleput() calls.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/474d7baf91d37bc411fa60de5bbf03c9dd82e18a
- https://git.kernel.org/stable/c/60b45ece41c5632a3a3274115a401cb244180646
- https://git.kernel.org/stable/c/70743d6a8b256225675711e7983825f1be86062d
- https://git.kernel.org/stable/c/f4e4373322f8d4c19721831f7fb989e52d30dab0
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced905f88ccebb14e42bcd19455b0d9c0d4808f1897Fixed474d7baf91d37bc411fa60de5bbf03c9dd82e18a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced905f88ccebb14e42bcd19455b0d9c0d4808f1897Fixedf4e4373322f8d4c19721831f7fb989e52d30dab0
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced905f88ccebb14e42bcd19455b0d9c0d4808f1897Fixed70743d6a8b256225675711e7983825f1be86062d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced905f88ccebb14e42bcd19455b0d9c0d4808f1897Fixed60b45ece41c5632a3a3274115a401cb244180646
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.2
v6.5
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"id": "CVE-2024-58003-08268b1b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"159786507106904393247310683361015345648",
"203819577953747135350630686052700449976",
"11804754410155465241019276636786293905",
"18170138462475505432409484473166958953"
],
"threshold": 0.9
},
"target": {
"file": "drivers/media/i2c/ds90ub953.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@474d7baf91d37bc411fa60de5bbf03c9dd82e18a"
},
{
"id": "CVE-2024-58003-0a53d11d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "290356553742687490150690057323926449275",
"length": 196.0
},
"target": {
"file": "drivers/media/i2c/ds90ub913.c",
"function": "ub913_subdev_uninit"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4e4373322f8d4c19721831f7fb989e52d30dab0"
},
{
"id": "CVE-2024-58003-108ceabf",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "290356553742687490150690057323926449275",
"length": 196.0
},
"target": {
"file": "drivers/media/i2c/ds90ub953.c",
"function": "ub953_subdev_uninit"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@60b45ece41c5632a3a3274115a401cb244180646"
},
{
"id": "CVE-2024-58003-13465c91",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "290356553742687490150690057323926449275",
"length": 196.0
},
"target": {
"file": "drivers/media/i2c/ds90ub953.c",
"function": "ub953_subdev_uninit"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@474d7baf91d37bc411fa60de5bbf03c9dd82e18a"
},
{
"id": "CVE-2024-58003-1a97de49",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"79936342087533704625544639499047991371",
"320210152072546927391212878695935146903",
"11804754410155465241019276636786293905",
"118424560861594937219569282161697864071"
],
"threshold": 0.9
},
"target": {
"file": "drivers/media/i2c/ds90ub913.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4e4373322f8d4c19721831f7fb989e52d30dab0"
},
{
"id": "CVE-2024-58003-2e43cda6",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "290356553742687490150690057323926449275",
"length": 196.0
},
"target": {
"file": "drivers/media/i2c/ds90ub913.c",
"function": "ub913_subdev_uninit"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@474d7baf91d37bc411fa60de5bbf03c9dd82e18a"
},
{
"id": "CVE-2024-58003-4f219f78",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"79936342087533704625544639499047991371",
"320210152072546927391212878695935146903",
"11804754410155465241019276636786293905",
"118424560861594937219569282161697864071"
],
"threshold": 0.9
},
"target": {
"file": "drivers/media/i2c/ds90ub913.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70743d6a8b256225675711e7983825f1be86062d"
},
{
"id": "CVE-2024-58003-5ba57a79",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "290356553742687490150690057323926449275",
"length": 196.0
},
"target": {
"file": "drivers/media/i2c/ds90ub913.c",
"function": "ub913_subdev_uninit"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70743d6a8b256225675711e7983825f1be86062d"
},
{
"id": "CVE-2024-58003-6819c241",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"159786507106904393247310683361015345648",
"203819577953747135350630686052700449976",
"11804754410155465241019276636786293905",
"18170138462475505432409484473166958953"
],
"threshold": 0.9
},
"target": {
"file": "drivers/media/i2c/ds90ub953.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@60b45ece41c5632a3a3274115a401cb244180646"
},
{
"id": "CVE-2024-58003-6eb187e3",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"159786507106904393247310683361015345648",
"203819577953747135350630686052700449976",
"11804754410155465241019276636786293905",
"18170138462475505432409484473166958953"
],
"threshold": 0.9
},
"target": {
"file": "drivers/media/i2c/ds90ub953.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70743d6a8b256225675711e7983825f1be86062d"
},
{
"id": "CVE-2024-58003-7182623b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"79936342087533704625544639499047991371",
"320210152072546927391212878695935146903",
"11804754410155465241019276636786293905",
"118424560861594937219569282161697864071"
],
"threshold": 0.9
},
"target": {
"file": "drivers/media/i2c/ds90ub913.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@474d7baf91d37bc411fa60de5bbf03c9dd82e18a"
},
{
"id": "CVE-2024-58003-c53d7824",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"79936342087533704625544639499047991371",
"320210152072546927391212878695935146903",
"11804754410155465241019276636786293905",
"118424560861594937219569282161697864071"
],
"threshold": 0.9
},
"target": {
"file": "drivers/media/i2c/ds90ub913.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@60b45ece41c5632a3a3274115a401cb244180646"
},
{
"id": "CVE-2024-58003-e8df9f7f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"159786507106904393247310683361015345648",
"203819577953747135350630686052700449976",
"11804754410155465241019276636786293905",
"18170138462475505432409484473166958953"
],
"threshold": 0.9
},
"target": {
"file": "drivers/media/i2c/ds90ub953.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4e4373322f8d4c19721831f7fb989e52d30dab0"
},
{
"id": "CVE-2024-58003-f0f8d45e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "290356553742687490150690057323926449275",
"length": 196.0
},
"target": {
"file": "drivers/media/i2c/ds90ub953.c",
"function": "ub953_subdev_uninit"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70743d6a8b256225675711e7983825f1be86062d"
},
{
"id": "CVE-2024-58003-f867abe0",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "290356553742687490150690057323926449275",
"length": 196.0
},
"target": {
"file": "drivers/media/i2c/ds90ub913.c",
"function": "ub913_subdev_uninit"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@60b45ece41c5632a3a3274115a401cb244180646"
},
{
"id": "CVE-2024-58003-f9ad055e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "290356553742687490150690057323926449275",
"length": 196.0
},
"target": {
"file": "drivers/media/i2c/ds90ub953.c",
"function": "ub953_subdev_uninit"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4e4373322f8d4c19721831f7fb989e52d30dab0"
}
]