Linux Kernel Vulnerability in Qualcomm SCM Driver
CVE-2024-57985

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability in the Qualcomm SCM driver of the Linux kernel has been identified that could lead to a NULL pointer exception if the driver's probe fails. The driver must clear the global '__scm' variable upon probe failure to prevent external users from mistakenly assuming successful initialization. This vulnerability impacts the proper functioning of memory allocation functions and could result in system instability.

Affected Version(s)

Linux 40289e35ca525f29a03989352ab207b6a9675475 < 390d3baeba51a126f75c97b90ec28b9384ce4b84

Linux 40289e35ca525f29a03989352ab207b6a9675475

Linux 40289e35ca525f29a03989352ab207b6a9675475 < 1e76b546e6fca7eb568161f408133904ca6bcf4f

References

https://git.kernel.org/stable/c/390d3baeba51a126f75c97b90...

https://git.kernel.org/stable/c/faf1715798fe72b79e4432ce8...

https://git.kernel.org/stable/c/1e76b546e6fca7eb568161f40...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Feb 27, 2025