CVE-2024-36029

mmc: sdhci-msm: pervent access to suspended controller

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

mmc: sdhci-msm: pervent access to suspended controller

Generic sdhci code registers LED device and uses host->runtime_suspended
flag to protect access to it. The sdhci-msm driver doesn't set this flag,
which causes a crash when LED is accessed while controller is runtime
suspended. Fix this by setting the flag correctly.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mmc: sdhci-msm: acceso prohibido al controlador suspendido El código sdhci genérico registra el dispositivo LED y utiliza el indicador host->runtime_suspended para proteger el acceso al mismo. El controlador sdhci-msm no establece este indicador, lo que provoca un bloqueo cuando se accede al LED mientras el controlador está suspendido en tiempo de ejecución. Solucione este problema configurando la bandera correctamente.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-17 CVE Reserved
2024-05-30 CVE Published
2024-05-31 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/67e6db113c903f2b8af924400b7b43ade4b9ac5c	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/1200481cd6069d16ce20133bcd86f5825e26a045	2024-05-02
https://git.kernel.org/stable/c/a957ea5aa3d3518067a1ba32c6127322ad348d20	2024-05-02
https://git.kernel.org/stable/c/56b99a52229d7f8cd1f53d899f57aa7eb4b199af	2024-05-02
https://git.kernel.org/stable/c/f653b04a818c490b045c97834d559911479aa1c5	2024-05-02
https://git.kernel.org/stable/c/f8def10f73a516b771051a2f70f2f0446902cb4f	2024-04-02

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 5.15.158 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.15.158"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.1.90 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.1.90"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.6.30 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.6.30"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.8.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.8.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.9"		en		Affected