CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-56754: crypto: caam - Fix the pointer passed to caam_qi_shutdown()

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: caam - Fix the pointer passed to caam_qi_shutdown()

The type of the last parameter given to devm_add_action_or_reset() is
"struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to
"struct device *".

Pass the correct parameter to devm_add_action_or_reset() so that the
resources are released as expected.

Classification

CVE ID: CVE-2024-56754

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.08% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/cc386170b3312fd7b5bc4a69a9f52d7f50814526
https://git.kernel.org/stable/c/6187727e57aec122c8a99c464c74578c810cbe40
https://git.kernel.org/stable/c/66eddb8dcb61065c53098510165f14b54232bcc2
https://git.kernel.org/stable/c/1f8e2f597b918ca5827a5c6d00b819d064264d1c
https://git.kernel.org/stable/c/84a185aea7b83f620699de0ea36907d588d89cf6
https://git.kernel.org/stable/c/ad39df0898d3f469776c19d99229be055cc2dcea
https://git.kernel.org/stable/c/ad980b04f51f7fb503530bd1cb328ba5e75a250e

Timeline

2024-12-30 00:30:27 UTC
CVE

crypto: caam - Fix the pointer passed to caam_qi_shutdown()