mmc:davinci:驱动程序内置时不要剥离删除功能(CVE-2024-39484)

admin
admin
admin
0
文章
0
评论
2024-07-09 08:15:37 Ali_nvd 来源:ZONE.CI 全球网 0 阅读模式
mmc:davinci:驱动程序内置时不要剥离删除功能(CVE-2024-39484)

CVE编号

CVE-2024-39484

利用情况

暂无

补丁情况

N/A

披露时间

2024-07-05
漏洞描述
In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g. using sysfs or hotplug), the driver is just removed without the cleanup being performed. This results in resource leaks. Fix it by compiling in the remove callback unconditionally. This also fixes a W=1 modpost warning: WARNING: modpost: drivers/mmc/host/davinci_mmc: section mismatch in reference: davinci_mmcsd_driver+0x10 (section: .data) -> davinci_mmcsd_remove (section: .exit.text)
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接
https://git.kernel.org/stable/c/1d5ed0efe51d36b9ae9b64f133bf41cdbf56f584
https://git.kernel.org/stable/c/55c421b364482b61c4c45313a535e61ed5ae4ea3
https://git.kernel.org/stable/c/5ee241f72edc6dce5051a5f100eab6cc019d873e
https://git.kernel.org/stable/c/6ff7cfa02baabec907f6f29ea76634e6256d2ec4
https://git.kernel.org/stable/c/7590da4c04dd4aa9c262da0231e978263861c6eb
https://git.kernel.org/stable/c/aea35157bb9b825faa0432bd0f7fbea37ff39aa1
CVSS3评分 N/A
  • 攻击路径 N/A
  • 攻击复杂度 N/A
  • 权限要求 N/A
  • 影响范围 N/A
  • 用户交互 N/A
  • 可用性 N/A
  • 保密性 N/A
  • 完整性 N/A
N/A
CWE-ID 漏洞类型
- avd.aliyun.com
weinxin
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网
安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
安全领域涉猎者-乌云独行地带
ZONE.CI 全球网
评论:0   参与:  0