CVE-2024-36029: mmc: sdhci-msm: pervent access to suspended controller

Description

In the Linux kernel, the following vulnerability has been resolved:

mmc: sdhci-msm: pervent access to suspended controller

Generic sdhci code registers LED device and uses host->runtime_suspended
flag to protect access to it. The sdhci-msm driver doesn't set this flag,
which causes a crash when LED is accessed while controller is runtime
suspended. Fix this by setting the flag correctly.

Classification

CVE ID: CVE-2024-36029

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/1200481cd6069d16ce20133bcd86f5825e26a045
https://git.kernel.org/stable/c/a957ea5aa3d3518067a1ba32c6127322ad348d20
https://git.kernel.org/stable/c/56b99a52229d7f8cd1f53d899f57aa7eb4b199af
https://git.kernel.org/stable/c/f653b04a818c490b045c97834d559911479aa1c5
https://git.kernel.org/stable/c/f8def10f73a516b771051a2f70f2f0446902cb4f

Timeline

2024-12-20 00:37:54 UTC
CVE

mmc: sdhci-msm: pervent access to suspended controller