Linux Kernel Vulnerability in QCOM Display Clock Management
CVE-2024-58080

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 March 2025

Summary

A vulnerability exists in the Linux kernel's QCOM display clock management where the clk_rcg2 structure lacks a defined parent_map when a parent is assigned. This oversight can result in a NULL pointer dereference during the clk_set_rate function call. To mitigate this issue, the parent_map property must be properly implemented for the clock, alongside un-inline adjustments for parent_data to ensure coherence between matching components.

Affected Version(s)

Linux 837519775f1d3945e3d4019641f7120d58325059 < 3daca9050857220726732ad9d4a8512069386f46

Linux 837519775f1d3945e3d4019641f7120d58325059 < 3ad28517385e2821e8e43388d6a0b3e1ba0bc3ab

Linux 837519775f1d3945e3d4019641f7120d58325059 < 2dba8d5d423fa5f6f3a687aa6e0da5808f69091b

References

https://git.kernel.org/stable/c/3daca9050857220726732ad9d...

https://git.kernel.org/stable/c/3ad28517385e2821e8e43388d...

https://git.kernel.org/stable/c/2dba8d5d423fa5f6f3a687aa6...

Timeline

Vulnerability published
Mar 6, 2025
Vulnerability Reserved
Mar 6, 2025