CVE-2024-35824
misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume
When not configured for wakeup lis3lv02d_i2c_suspend() will call
lis3lv02d_poweroff() even if the device has already been turned off
by the runtime-suspend handler and if configured for wakeup and
the device is runtime-suspended at this point then it is not turned
back on to serve as a wakeup source.
Before commit b1b9f7a49440 ("misc: lis3lv02d_i2c: Add missing setting
of the reg_ctrl callback"), lis3lv02d_poweroff() failed to disable
the regulators which as a side effect made calling poweroff() twice ok.
Now that poweroff() correctly disables the regulators, doing this twice
triggers a WARN() in the regulator core:
unbalanced disables for regulator-dummy
WARNING: CPU: 1 PID: 92 at drivers/regulator/core.c:2999 _regulator_disable
...
Fix lis3lv02d_i2c_suspend() to not call poweroff() a second time if
already runtime-suspended and add a poweron() call when necessary to
make wakeup work.
lis3lv02d_i2c_resume() has similar issues, with an added weirness that
it always powers on the device if it is runtime suspended, after which
the first runtime-resume will call poweron() again, causing the enabled
count for the regulator to increase by 1 every suspend/resume. These
unbalanced regulator_enable() calls cause the regulator to never
be turned off and trigger the following WARN() on driver unbind:
WARNING: CPU: 1 PID: 1724 at drivers/regulator/core.c:2396 _regulator_put
Fix this by making lis3lv02d_i2c_resume() mirror the new suspend().
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc: lis3lv02d_i2c: corrige que los reguladores se activen/desactiven dos veces al suspender/reanudar Cuando no está configurado para reactivación, lis3lv02d_i2c_suspend() llamará a lis3lv02d_poweroff() incluso si el dispositivo ya ha sido desactivado por el controlador de suspensión de tiempo de ejecución y si está configurado para reactivación y el dispositivo está suspendido en tiempo de ejecución en este punto, no se vuelve a activar para que sirva como fuente de activación. Antes de la confirmación b1b9f7a49440 ("misc: lis3lv02d_i2c: Agregar configuración faltante de la devolución de llamada reg_ctrl"), lis3lv02d_poweroff() fallaba al deshabilitar los reguladores, lo que como efecto secundario hizo que llamar a poweroff() dos veces fuera correcto. Ahora que poweroff() desactiva correctamente los reguladores, al hacer esto dos veces se activa una ADVERTENCIA() en el núcleo del regulador: desactivaciones desequilibradas para regulador ficticio ADVERTENCIA: CPU: 1 PID: 92 en drivers/regulator/core.c:2999 _regulator_disable .. Corrija lis3lv02d_i2c_suspend() para que no llame a poweroff() una segunda vez si ya está suspendido el tiempo de ejecución y agregue una llamada a poweron() cuando sea necesario para que la reactivación funcione. lis3lv02d_i2c_resume() tiene problemas similares, con el inconveniente adicional de que siempre enciende el dispositivo si el tiempo de ejecución está suspendido, después de lo cual la primera reanudación del tiempo de ejecución llamará a poweron() nuevamente, lo que provocará que el recuento habilitado para el regulador aumente en 1 cada suspender/reanudar. Estas llamadas desequilibradas regulator_enable() hacen que el regulador nunca se apague y activan la siguiente ADVERTENCIA() al desvincular el controlador: ADVERTENCIA: CPU: 1 PID: 1724 en drivers/regulator/core.c:2396 _regulator_put Solucione esto haciendo lis3lv02d_i2c_resume( ) refleja la nueva suspensión().
A vulnerability was found in the `lis3lv02d_i2c` driver in the Linux kernel. This issue involves regulators being enabled and disabled twice during the suspend and resume process, which could lead to unintended behavior or system instability.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-17 CVE Reserved
- 2024-05-17 CVE Published
- 2024-05-18 EPSS Updated
- 2024-11-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/2c1164ad927e62f122b151493bb183bc11dab8f8 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/1229ce1c4acd36f5af97c996420defc43daca635 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/755182e1e8667272a082506a2a20b4cdd78ab4c2 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2024-35824 | 2024-11-12 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2281189 | 2024-11-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.1.77 < 6.1.84 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.77 < 6.1.84" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6.16 < 6.6.24 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.16 < 6.6.24" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.7.4 < 6.7.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7.4 < 6.7.12" | en |
Affected
| ||||||