Linux Kernel Vulnerability in CAAM Crypto Driver
CVE-2024-56754

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 29 December 2024

Summary

A vulnerability within the Linux kernel's CAAM (Cryptographic Acceleration and Assurance Module) driver has been identified where a pointer type mismatch occurs during the shutdown process. Specifically, the last parameter that is passed to the function 'devm_add_action_or_reset()' is of the type 'struct caam_drv_private *', yet it is incorrectly cast to 'struct device *' in the 'caam_qi_shutdown()' function. This miscasting can prevent resources from being released correctly, potentially leading to memory leaks or undefined behavior. The issue has been addressed in the subsequent patches to ensure the proper parameter type is utilized, thereby safeguarding against related operational risks.

Affected Version(s)

Linux f414de2e2fffd89c8a4e5b5e06b0eba5f9d8b1eb

Linux f414de2e2fffd89c8a4e5b5e06b0eba5f9d8b1eb < 6187727e57aec122c8a99c464c74578c810cbe40

Linux f414de2e2fffd89c8a4e5b5e06b0eba5f9d8b1eb < 66eddb8dcb61065c53098510165f14b54232bcc2

References

https://git.kernel.org/stable/c/cc386170b3312fd7b5bc4a69a...

https://git.kernel.org/stable/c/6187727e57aec122c8a99c464...

https://git.kernel.org/stable/c/66eddb8dcb61065c530985101...

Timeline

Vulnerability published
Dec 29, 2024
Vulnerability Reserved
Dec 29, 2024

Collectors

NVD DatabaseMitre Database