Bugzilla – Bug 1226592
VUL-0: CVE-2024-38615: kernel: cpufreq: exit() callback is optional
Last modified: 2024-07-08 15:11:36 UTC
In the Linux kernel, the following vulnerability has been resolved:

cpufreq: exit() callback is optional

The exit() callback is optional and shouldn't be called without checking a valid pointer first.

Also, we must clear freq_table pointer even if the exit() callback isn't present.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-38615
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-38615.mbox
https://git.kernel.org/stable/c/2d730b465e377396d2a09a53524b96b111f7ccb6
https://git.kernel.org/stable/c/dfc56ff5ec9904c008e9376d90a6d7e2d2bec4d3
https://git.kernel.org/stable/c/35db5e76d5e9f752476df5fa0b9018a2398b0378
https://git.kernel.org/stable/c/8bc9546805e572ad101681437a49939f28777273
https://git.kernel.org/stable/c/3e99f060cfd2e36504d62c9132b453ade5027e1c
https://git.kernel.org/stable/c/ae37ebca325097d773d7bb6ec069123b30772872
https://git.kernel.org/stable/c/a8204d1b6ff762d2171d365c2c8560285d0a233d
https://git.kernel.org/stable/c/b8f85833c05730d631576008daaa34096bc7f3ce
https://www.cve.org/CVERecord?id=CVE-2024-38615
Hi Giovanni,

Please notice this has a behavior change that is not documented in the commit message, and I'm not sure it is intended. Before this patch, __cpufreq_offline wouldn't call ->exit() if ->offline() existed, but now it does. Is this correct?

We are missing a backport to 15SP5 (see below). Can you handle it? CVSS is 4.4.

b8f85833c057 ("cpufreq: exit() callback is optional") merged vfs-6.10-rc2.fixes~104^2~2^2~5
Fixes: 91a12e91dc39 ("cpufreq: Allow light-weight tear down and bring up of CPUs") merged v5.1-rc1~151^2~1^2~1^2~15
Fixes: f339f3541701 ("cpufreq: Rearrange locking in cpufreq_remove_dev()") merged v5.19-rc1~182^2~2^2~7
Security fix for CVE-2024-38615 bsc#1226592 with CVSS 4.4
Experts candidates: ggherdov@suse.cz trenn@suse.de
.......................
ACTION NEEDED!
SLE15-SP5: MANUAL: backport b8f85833c05730d631576008daaa34096bc7f3ce (Fixes 91a12e91dc39)
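Added example, not part of this bug report and not kernel source: a simplified user-space C model of the two rules in the CVE description, namely guard the optional exit() callback before calling it and clear freq_table whether or not exit() exists. All struct and function names are hypothetical; teardown_flawed models only the "freq_table cleared only when exit() is present" pattern, not the kernel's actual pre-fix code.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for a cpufreq policy and driver ops table. */
struct policy {
    const unsigned int *freq_table; /* driver-owned; must not outlive teardown */
    int exit_calls;
};

struct driver {
    int  (*init)(struct policy *p);
    void (*exit)(struct policy *p); /* optional: may legitimately be NULL */
};

static const unsigned int demo_table[] = { 800000, 1600000, 2400000 }; /* constructed */

static int  demo_init(struct policy *p) { p->freq_table = demo_table; return 0; }
static void demo_exit(struct policy *p) { p->exit_calls++; }

static const struct driver with_exit    = { demo_init, demo_exit };
static const struct driver without_exit = { demo_init, NULL };

/* Flawed pattern: cleanup is tied to the presence of exit(), so a driver
 * without exit() keeps a stale freq_table pointer after teardown. */
static void teardown_flawed(const struct driver *drv, struct policy *p)
{
    if (drv->exit) {
        drv->exit(p);
        p->freq_table = NULL;
    }
}

/* Rule from the description: check the pointer, then always clear. */
static void teardown_fixed(const struct driver *drv, struct policy *p)
{
    if (drv->exit)
        drv->exit(p);
    p->freq_table = NULL;
}

typedef void (*teardown_fn)(const struct driver *, struct policy *);

/* Returns 1 if freq_table is still set after running the given teardown. */
static int stale_after(const struct driver *drv, teardown_fn td)
{
    struct policy p = { NULL, 0 };
    drv->init(&p);
    td(drv, &p);
    return p.freq_table != NULL;
}

int main(void)
{
    printf("no exit(), flawed: stale=%d\n", stale_after(&without_exit, teardown_flawed));
    printf("no exit(), fixed:  stale=%d\n", stale_after(&without_exit, teardown_fixed));
    return 0;
}
```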