CVE-2024-50176
remoteproc: k3-r5: Fix error handling when power-up failed
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
08 nov 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
remoteproc: k3-r5: Fix error handling when power-up failed
By simply bailing out, the driver was violating its rule and internal
assumptions that either both or no rproc should be initialized. E.g.,
this could cause the first core to be available but not the second one,
leading to crashes on its shutdown later on while trying to dereference
that second instance.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/7afb5e3aa989c479979faeb18768a67889a7a9c6https://git.kernel.org/stable/c/87ab3af7447791d0c619610fd560bd804549e187https://git.kernel.org/stable/c/9ab27eb5866ccbf57715cfdba4b03d57776092fbhttps://git.kernel.org/stable/c/afd102bde99d90ef41e043c846ea34b04433eb7bhttps://git.kernel.org/stable/c/fc71c23958931713b5e76f317b76be37189f2516https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html