CVE-2024-56618 (GCVE-0-2024-56618)
Vulnerability from cvelistv5
Published
2024-12-27 14:51
Modified
2026-05-11 20:55
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx: gpcv2: Adjust delay after power up handshake The udelay(5) is not enough, sometimes below kernel panic still be triggered: [ 4.012973] Kernel panic - not syncing: Asynchronous SError Interrupt [ 4.012976] CPU: 2 UID: 0 PID: 186 Comm: (udev-worker) Not tainted 6.12.0-rc2-0.0.0-devel-00004-g8b1b79e88956 #1 [ 4.012982] Hardware name: Toradex Verdin iMX8M Plus WB on Dahlia Board (DT) [ 4.012985] Call trace: [...] [ 4.013029] arm64_serror_panic+0x64/0x70 [ 4.013034] do_serror+0x3c/0x70 [ 4.013039] el1h_64_error_handler+0x30/0x54 [ 4.013046] el1h_64_error+0x64/0x68 [ 4.013050] clk_imx8mp_audiomix_runtime_resume+0x38/0x48 [ 4.013059] __genpd_runtime_resume+0x30/0x80 [ 4.013066] genpd_runtime_resume+0x114/0x29c [ 4.013073] __rpm_callback+0x48/0x1e0 [ 4.013079] rpm_callback+0x68/0x80 [ 4.013084] rpm_resume+0x3bc/0x6a0 [ 4.013089] __pm_runtime_resume+0x50/0x9c [ 4.013095] pm_runtime_get_suppliers+0x60/0x8c [ 4.013101] __driver_probe_device+0x4c/0x14c [ 4.013108] driver_probe_device+0x3c/0x120 [ 4.013114] __driver_attach+0xc4/0x200 [ 4.013119] bus_for_each_dev+0x7c/0xe0 [ 4.013125] driver_attach+0x24/0x30 [ 4.013130] bus_add_driver+0x110/0x240 [ 4.013135] driver_register+0x68/0x124 [ 4.013142] __platform_driver_register+0x24/0x30 [ 4.013149] sdma_driver_init+0x20/0x1000 [imx_sdma] [ 4.013163] do_one_initcall+0x60/0x1e0 [ 4.013168] do_init_module+0x5c/0x21c [ 4.013175] load_module+0x1a98/0x205c [ 4.013181] init_module_from_file+0x88/0xd4 [ 4.013187] __arm64_sys_finit_module+0x258/0x350 [ 4.013194] invoke_syscall.constprop.0+0x50/0xe0 [ 4.013202] do_el0_svc+0xa8/0xe0 [ 4.013208] el0_svc+0x3c/0x140 [ 4.013215] el0t_64_sync_handler+0x120/0x12c [ 4.013222] el0t_64_sync+0x190/0x194 [ 4.013228] SMP: stopping secondary CPUs The correct way is to wait handshake, but it needs BUS clock of BLK-CTL be enabled, which is in separate driver. So delay is the only option here. The udelay(10) is a data got by experiment.
References
Impacted products
Vendor Product Version
Linux Linux Version: e8dc41afca161b988e6d462f4d0803d247e22250
Version: e8dc41afca161b988e6d462f4d0803d247e22250
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-56618",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T20:01:00.196210Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-01T20:07:12.826Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pmdomain/imx/gpcv2.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a63907c8c712414643b597debcd09d16b6827b23",
              "status": "affected",
              "version": "e8dc41afca161b988e6d462f4d0803d247e22250",
              "versionType": "git"
            },
            {
              "lessThan": "2379fb937de5333991c567eefd7d11b98977d059",
              "status": "affected",
              "version": "e8dc41afca161b988e6d462f4d0803d247e22250",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pmdomain/imx/gpcv2.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.10"
            },
            {
              "lessThan": "6.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.5",
                  "versionStartIncluding": "6.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13",
                  "versionStartIncluding": "6.10",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx: gpcv2: Adjust delay after power up handshake\n\nThe udelay(5) is not enough, sometimes below kernel panic\nstill be triggered:\n\n[    4.012973] Kernel panic - not syncing: Asynchronous SError Interrupt\n[    4.012976] CPU: 2 UID: 0 PID: 186 Comm: (udev-worker) Not tainted 6.12.0-rc2-0.0.0-devel-00004-g8b1b79e88956 #1\n[    4.012982] Hardware name: Toradex Verdin iMX8M Plus WB on Dahlia Board (DT)\n[    4.012985] Call trace:\n[...]\n[    4.013029]  arm64_serror_panic+0x64/0x70\n[    4.013034]  do_serror+0x3c/0x70\n[    4.013039]  el1h_64_error_handler+0x30/0x54\n[    4.013046]  el1h_64_error+0x64/0x68\n[    4.013050]  clk_imx8mp_audiomix_runtime_resume+0x38/0x48\n[    4.013059]  __genpd_runtime_resume+0x30/0x80\n[    4.013066]  genpd_runtime_resume+0x114/0x29c\n[    4.013073]  __rpm_callback+0x48/0x1e0\n[    4.013079]  rpm_callback+0x68/0x80\n[    4.013084]  rpm_resume+0x3bc/0x6a0\n[    4.013089]  __pm_runtime_resume+0x50/0x9c\n[    4.013095]  pm_runtime_get_suppliers+0x60/0x8c\n[    4.013101]  __driver_probe_device+0x4c/0x14c\n[    4.013108]  driver_probe_device+0x3c/0x120\n[    4.013114]  __driver_attach+0xc4/0x200\n[    4.013119]  bus_for_each_dev+0x7c/0xe0\n[    4.013125]  driver_attach+0x24/0x30\n[    4.013130]  bus_add_driver+0x110/0x240\n[    4.013135]  driver_register+0x68/0x124\n[    4.013142]  __platform_driver_register+0x24/0x30\n[    4.013149]  sdma_driver_init+0x20/0x1000 [imx_sdma]\n[    4.013163]  do_one_initcall+0x60/0x1e0\n[    4.013168]  do_init_module+0x5c/0x21c\n[    4.013175]  load_module+0x1a98/0x205c\n[    4.013181]  init_module_from_file+0x88/0xd4\n[    4.013187]  __arm64_sys_finit_module+0x258/0x350\n[    4.013194]  invoke_syscall.constprop.0+0x50/0xe0\n[    4.013202]  do_el0_svc+0xa8/0xe0\n[    4.013208]  el0_svc+0x3c/0x140\n[    4.013215]  el0t_64_sync_handler+0x120/0x12c\n[    4.013222]  el0t_64_sync+0x190/0x194\n[    4.013228] SMP: stopping secondary CPUs\n\nThe correct way is to wait handshake, but it needs BUS clock of\nBLK-CTL be enabled, which is in separate driver. So delay is the\nonly option here. The udelay(10) is a data got by experiment."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:55:56.895Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a63907c8c712414643b597debcd09d16b6827b23"
        },
        {
          "url": "https://git.kernel.org/stable/c/2379fb937de5333991c567eefd7d11b98977d059"
        }
      ],
      "title": "pmdomain: imx: gpcv2: Adjust delay after power up handshake",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-56618",
    "datePublished": "2024-12-27T14:51:22.592Z",
    "dateReserved": "2024-12-27T14:03:06.016Z",
    "dateUpdated": "2026-05-11T20:55:56.895Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.