CVE-2024-56724

mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device

CVSS 5.5 MEDIUMEPSS 0.2%

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

29 Dec 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the same for all of them.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Linux · Linux

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://git.kernel.org/stable/c/1b734ad0e33648c3988c6a37c2ac16c2d63eda06 https://git.kernel.org/stable/c/2310f5336f32eac9ada2d59b965d578efe25c4bf https://git.kernel.org/stable/c/56acf415772ee7e10e448b371f52b249aa2d0f7b https://git.kernel.org/stable/c/5bc6d0da4a32fe34a9960de577e0b7de3454de0c https://git.kernel.org/stable/c/9b79d59e6b2b515eb9a22bc469ef7b8f0904fc73 https://git.kernel.org/stable/c/b7c7c400de85d915e0da7c2c363553a801c47349 https://git.kernel.org/stable/c/c472b55cc0bc3df805db6a14f50a084884cf18ee https://git.kernel.org/stable/c/da498e02c92e6d82df8001438dd583b90c570815 https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html