CVE-2024-53158

soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() This loop is supposed to break if the frequency returned from
clk_round_rate() is the same as on the previous iteration. However,
that check doesn't make sense on the first iteration through the loop.
It leads to reading before the start of these->clk_perf_tbl[] array.

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() This loop is supposed to break if the frequency returned from clk_round_rate() is the same as on the previous iteration. However, that check doesn't make sense on the first iteration through the loop. It leads to reading before the start of these->clk_perf_tbl[] array.

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-11-19 CVE Reserved
2024-12-24 CVE Published
2025-04-25 EPSS Updated
2025-05-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/eddac5af06546d2e7a0730e3dc02dde3dc91098a	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/37cdd4f0c266560b7b924c42361eeae3dc5f0c3e	2024-12-05
https://git.kernel.org/stable/c/7a3465b79ef0539aa10b310ac3cc35e0ae25b79e	2024-12-14
https://git.kernel.org/stable/c/748557ca7dc94695a6e209eb68fce365da9a3bb3	2024-12-14
https://git.kernel.org/stable/c/f4b7bf5a50f1fa25560f0b66a13563465542861b	2024-12-14
https://git.kernel.org/stable/c/b0a9c6ccaf88c4701787f61ecd2ec0eb014a0677	2024-12-14
https://git.kernel.org/stable/c/c24e019ca12d9ec814af04b30a64dd7173fb20fe	2024-12-09
https://git.kernel.org/stable/c/56eda41dcce0ec4d3418b4f85037bdea181486cc	2024-12-05
https://git.kernel.org/stable/c/351bb7f9ecb9d1f09bd7767491a2b8d07f4f1ea4	2024-12-05
https://git.kernel.org/stable/c/78261cb08f06c93d362cab5c5034bf5899bc7552	2024-10-06

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 4.19.325 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 4.19.325"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 5.4.287 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 5.4.287"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 5.10.231 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 5.10.231"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 5.15.174 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 5.15.174"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 6.1.120 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.1.120"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 6.6.64 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.6.64"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 6.11.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.11.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 6.12.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.12.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.18 < 6.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.13"		en		Affected