SB2024080845 - Resource management error in Linux kernel gpio driver
Published: August 8, 2024 Updated: May 12, 2025
Security Bulletin ID
SB2024080845
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2024-42253)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pca953x_irq_bus_sync_unlock() function in drivers/gpio/gpio-pca953x.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/58a5c93bd1a6e949267400080f07e57ffe05ec34
- https://git.kernel.org/stable/c/e2ecdddca80dd845df42376e4b0197fe97018ba2
- https://git.kernel.org/stable/c/de7cffa53149c7b48bd1bb29b02390c9f05b7f41
- https://git.kernel.org/stable/c/bfc6444b57dc7186b6acc964705d7516cbaf3904
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.101
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.42