Kernel Vulnerability in Linux Affecting Power Management Features
CVE-2024-58081

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 March 2025

Summary

A vulnerability in the Linux Kernel related to the power management subsystem can lead to a null pointer dereference during device initialization. The lack of a properly set device name for the power domain can result in a system crash when creating the device filesystem hierarchy. This is triggered by modifications in the power management domain handling, notably within the pm_genpd_init() function, indicating a requirement for improved safeguards during device configuration. This vulnerability emphasizes the critical nature of proper initialization procedures within kernel components.

Affected Version(s)

Linux 899f44531fe6cac4b024710fec647ecc127724b8

Linux 899f44531fe6cac4b024710fec647ecc127724b8 < 763517124e27b07fa300b486d7d13c5d563a215e

Linux 899f44531fe6cac4b024710fec647ecc127724b8

References

https://git.kernel.org/stable/c/eca01d5911fb34218d10a58d8...

https://git.kernel.org/stable/c/763517124e27b07fa300b486d...

https://git.kernel.org/stable/c/e24b15d4704dcb73920c3d18a...

Timeline

Vulnerability published
Mar 6, 2025
Vulnerability Reserved
Mar 6, 2025