SB2024091381 - Infinite loop in Linux kernel soc qcom driver
Published: September 13, 2024 Updated: May 12, 2025
Security Bulletin ID
SB2024091381
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Infinite loop (CVE-ID: CVE-2024-46689)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the cmd_db_dev_probe() function in drivers/soc/qcom/cmd-db.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0ee9594c974368a17e85a431e9fe1c14fb65c278
- https://git.kernel.org/stable/c/f5a5a5a0e95f36e2792d48e6e4b64e665eb01374
- https://git.kernel.org/stable/c/eaff392c1e34fb77cc61505a31b0191e5e46e271
- https://git.kernel.org/stable/c/d9d48d70e922b272875cda60d2ada89291c840cf
- https://git.kernel.org/stable/c/ef80520be0ff78ae5ed44cb6eee1525e65bebe70
- https://git.kernel.org/stable/c/62c2d63605ca25b5db78a347ed303c0a0a77d5b4
- https://git.kernel.org/stable/c/f9bb896eab221618927ae6a2f1d566567999839d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.225
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.166
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.283
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.108
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.49