SB2025012057 - Resource management error in Linux kernel misc mchp_pci1xxxx driver
Published: January 20, 2025 Updated: May 11, 2025
Security Bulletin ID
SB2025012057
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2024-57916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pci1xxxx_gpio_irq_handler() function in drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gpio.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/194f9f94a5169547d682e9bbcc5ae6d18a564735
- https://git.kernel.org/stable/c/25692750c0259c5b65afec467d97201a485e8a00
- https://git.kernel.org/stable/c/47d3749ec0cb56b7b98917c190a8c10cb54216fd
- https://git.kernel.org/stable/c/79aef6187e16b2d32307c8ff610e9e04f7f86e1f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.125