SB2025022770 - Use-after-free in Linux kernel pps clients driver
Published: February 27, 2025 Updated: April 28, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2024-57979)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ptp_ocp_complete() function in drivers/ptp/ptp_ocp.c, within the DEFINE_MUTEX(), pps_cdev_pps_fetch(), pps_cdev_ioctl(), pps_cdev_compat_ioctl(), pps_device_destruct(), pps_register_cdev(), pps_unregister_cdev(), EXPORT_SYMBOL() and pps_init() functions in drivers/pps/pps.c, within the pps_kc_bind() and pps_kc_remove() functions in drivers/pps/kc.c, within the pps_add_offset(), pps_register_source() and pps_event() functions in drivers/pps/kapi.c, within the parport_irq() function in drivers/pps/clients/pps_parport.c, within the pps_tty_dcd_change(), pps_tty_open() and pps_tty_close() functions in drivers/pps/clients/pps-ldisc.c, within the pps_ktimer_exit() and pps_ktimer_init() functions in drivers/pps/clients/pps-ktimer.c, within the pps_gpio_probe() function in drivers/pps/clients/pps-gpio.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/7e5ee3281dc09014367f5112b6d566ba36ea2d49
- https://git.kernel.org/stable/c/85241f7de216f8298f6e48540ea13d7dcd100870
- https://git.kernel.org/stable/c/91932db1d96b2952299ce30c1c693d834d10ace6
- https://git.kernel.org/stable/c/c79a39dc8d060b9e64e8b0fa9d245d44befeefbe
- https://git.kernel.org/stable/c/cd3bbcb6b3a7caa5ce67de76723b6d8531fb7f64