CVE-2024-58004
media: intel/ipu6: remove cpu latency qos request on error
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
27 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
media: intel/ipu6: remove cpu latency qos request on error
Fix cpu latency qos list corruption like below. It happens when
we do not remove cpu latency request on error path and free
corresponding memory.
[ 30.634378] l7 kernel: list_add corruption. prev->next should be next (ffffffff9645e960), but was 0000000100100001. (prev=ffff8e9e877e20a8).
[ 30.634388] l7 kernel: WARNING: CPU: 2 PID: 2008 at lib/list_debug.c:32 __list_add_valid_or_report+0x83/0xa0
<snip>
[ 30.634640] l7 kernel: Call Trace:
[ 30.634650] l7 kernel: <TASK>
[ 30.634659] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0
[ 30.634669] l7 kernel: ? __warn.cold+0x93/0xf6
[ 30.634678] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0
[ 30.634690] l7 kernel: ? report_bug+0xff/0x140
[ 30.634702] l7 kernel: ? handle_bug+0x58/0x90
[ 30.634712] l7 kernel: ? exc_invalid_op+0x17/0x70
[ 30.634723] l7 kernel: ? asm_exc_invalid_op+0x1a/0x20
[ 30.634733] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0
[ 30.634742] l7 kernel: plist_add+0xdd/0x140
[ 30.634754] l7 kernel: pm_qos_update_target+0xa0/0x1f0
[ 30.634764] l7 kernel: cpu_latency_qos_update_request+0x61/0xc0
[ 30.634773] l7 kernel: intel_dp_aux_xfer+0x4c7/0x6e0 [i915 1f824655ed04687c2b0d23dbce759fa785f6d033]
Affected products
Linux · Linux