SB20241230251 - Resource management error in Linux kernel mfd driver
Published: December 30, 2024 Updated: May 11, 2025
Security Bulletin ID
SB20241230251
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2024-56691)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the wcove_typec_probe() function in drivers/usb/typec/tcpm/wcove.c, within the ARRAY_SIZE(), bxtwc_add_chained_irq_chip() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0997e77c51330c2866a4f39480e762cca92ad953
- https://git.kernel.org/stable/c/0b648968bfa4f5c9c4983bca9f2de17626ed6fb6
- https://git.kernel.org/stable/c/23230ac3c5ca3f154b64849d1cf50583b4e6b98c
- https://git.kernel.org/stable/c/518e414d24e7037d6cc7198e942bf47fe6f5e8e1
- https://git.kernel.org/stable/c/686fb77712a4bc94b76a0c5ae74c60118b7a0d79
- https://git.kernel.org/stable/c/87a07a5b0b296e489c606ca95ffc16c18821975b
- https://git.kernel.org/stable/c/c310e6916c0b297011d0fec03f168a6b24e9e984
- https://git.kernel.org/stable/c/e1ef62e8d262e3f27446d26742208c1c81e9ee18
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.64