CVE-2024-58081
- Source
- https://cve.org/CVERecord?id=CVE-2024-58081
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58081.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-58081
- Downstream
- Related
- Published
- 2025-03-06T16:13:44.176Z
- Modified
- 2026-03-11T05:29:52.513630Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- clk: mmp2: call pm_genpd_init() only after genpd.name is set
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
clk: mmp2: call pmgenpdinit() only after genpd.name is set
Setting the genpd's struct device's name with devsetname() is happening within pmgenpdinit(). If it remains NULL, things can blow up later, such as when crafting the devfs hierarchy for the power domain:
Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read ... Call trace: strlen from startcreating+0x90/0x138 startcreating from debugfscreatedir+0x20/0x178 debugfscreatedir from genpddebugadd.part.0+0x4c/0x144 genpddebugadd.part.0 from genpddebuginit+0x74/0x90 genpddebuginit from dooneinitcall+0x5c/0x244 dooneinitcall from kernelinitfreeable+0x19c/0x1f4 kernelinitfreeable from kernelinit+0x1c/0x12c kernelinit from retfromfork+0x14/0x28
Bisecting tracks this crash back to commit 899f44531fe6 ("pmdomain: core: Add GENPDFLAGDEVNAMEFW flag"), which exchanges use of genpd->name with devname(&genpd->dev) in genpddebug_add.part().
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58081.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/763517124e27b07fa300b486d7d13c5d563a215e
- https://git.kernel.org/stable/c/e24b15d4704dcb73920c3d18a6157abd18df08c1
- https://git.kernel.org/stable/c/eca01d5911fb34218d10a58d8d9534b758c8fd0a
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58081.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-58081
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced899f44531fe6cac4b024710fec647ecc127724b8Fixedeca01d5911fb34218d10a58d8d9534b758c8fd0aFixed763517124e27b07fa300b486d7d13c5d563a215eFixede24b15d4704dcb73920c3d18a6157abd18df08c1
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected94a03c0400c9696735184c7d76630b818d0f5cca