Advisory Published
CVE Published
Updated

CVE-2024-27038: clk: Fix clk_core_get NULL dereference

First published: Wed May 01 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_core_get NULL dereference It is possible for clk_core_get to dereference a NULL in the following sequence: clk_core_get() of_clk_get_hw_from_clkspec() __of_clk_get_hw_from_provider() __clk_get_hw() __clk_get_hw() can return NULL which is dereferenced by clk_core_get() at hw->core. Prior to commit dde4eff47c82 ("clk: Look for parents with clkdev based clk_lookups") the check IS_ERR_OR_NULL() was performed which would have caught the NULL. Reading the description of this function it talks about returning NULL but that cannot be so at the moment. Update the function to check for hw before dereferencing it and return NULL if hw is NULL.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
debian/linux
5.10.218-1
5.10.221-1
6.1.94-1
6.1.99-1
6.9.10-1
6.9.12-1
ubuntu/linux<5.4.0-189.209
5.4.0-189.209
ubuntu/linux<5.15.0-112.122
5.15.0-112.122
ubuntu/linux<6.8.0-35.35
6.8.0-35.35
ubuntu/linux<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-aws<5.4.0-1128.138
5.4.0-1128.138
ubuntu/linux-aws<5.15.0-1063.69
5.15.0-1063.69
ubuntu/linux-aws<6.8.0-1009.9
6.8.0-1009.9
ubuntu/linux-aws<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-aws-5.15<5.15.0-1063.69~20.04.1
5.15.0-1063.69~20.04.1
ubuntu/linux-aws-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-aws-5.4<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-aws-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-aws-fips<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-aws-hwe<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-azure<5.4.0-1133.140
5.4.0-1133.140
ubuntu/linux-azure<5.15.0-1066.75
5.15.0-1066.75
ubuntu/linux-azure<6.8.0-1008.8
6.8.0-1008.8
ubuntu/linux-azure<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-azure-4.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-azure-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-azure-5.4<5.4.0-1133.140~18.04.1
5.4.0-1133.140~18.04.1
ubuntu/linux-azure-5.4<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-azure-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-azure-fde<5.15.0-1067.76.1
5.15.0-1067.76.1
ubuntu/linux-azure-fde<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-azure-fde-5.15<5.15.0-1065.74~20.04.1.1
5.15.0-1065.74~20.04.1.1
ubuntu/linux-azure-fde-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-azure-fips<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-bluefield<5.4.0-1088.95
5.4.0-1088.95
ubuntu/linux-bluefield<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-fips<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gcp<5.4.0-1132.141
5.4.0-1132.141
ubuntu/linux-gcp<5.15.0-1062.70
5.15.0-1062.70
ubuntu/linux-gcp<6.8.0-1008.9
6.8.0-1008.9
ubuntu/linux-gcp<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gcp-4.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gcp-5.15<5.15.0-1062.70~20.04.1
5.15.0-1062.70~20.04.1
ubuntu/linux-gcp-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gcp-5.4<5.4.0-1132.141~18.04.1
5.4.0-1132.141~18.04.1
ubuntu/linux-gcp-5.4<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gcp-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gcp-fips<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gke<5.15.0-1060.66
5.15.0-1060.66
ubuntu/linux-gke<6.8.0-1004.7
6.8.0-1004.7
ubuntu/linux-gke<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gkeop<5.4.0-1095.99
5.4.0-1095.99
ubuntu/linux-gkeop<5.15.0-1046.53
5.15.0-1046.53
ubuntu/linux-gkeop<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-gkeop-5.15<5.15.0-1046.53~20.04.1
5.15.0-1046.53~20.04.1
ubuntu/linux-gkeop-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-hwe<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-hwe-5.15<5.15.0-113.123~20.04.1
5.15.0-113.123~20.04.1
ubuntu/linux-hwe-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-hwe-5.4<5.4.0-189.209~18.04.1
5.4.0-189.209~18.04.1
ubuntu/linux-hwe-5.4<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-hwe-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-ibm<5.4.0-1075.80
5.4.0-1075.80
ubuntu/linux-ibm<5.15.0-1056.59
5.15.0-1056.59
ubuntu/linux-ibm<6.8.0-1006.6
6.8.0-1006.6
ubuntu/linux-ibm<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-ibm-5.15<5.15.0-1057.60~20.04.1
5.15.0-1057.60~20.04.1
ubuntu/linux-ibm-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-ibm-5.4<5.4.0-1075.80~18.04.1
5.4.0-1075.80~18.04.1
ubuntu/linux-ibm-5.4<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-intel<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-intel-iotg<5.15.0-1058.64
5.15.0-1058.64
ubuntu/linux-intel-iotg<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-intel-iotg-5.15<5.15.0-1058.64~20.04.1
5.15.0-1058.64~20.04.1
ubuntu/linux-intel-iotg-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-iot<5.4.0-1040.41
5.4.0-1040.41
ubuntu/linux-iot<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-kvm<5.4.0-1116.123
5.4.0-1116.123
ubuntu/linux-kvm<5.15.0-1060.65
5.15.0-1060.65
ubuntu/linux-kvm<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-laptop<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-lowlatency<5.15.0-110.120
5.15.0-110.120
ubuntu/linux-lowlatency<6.8.0-35.35.1
6.8.0-35.35.1
ubuntu/linux-lowlatency<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-lowlatency-hwe-5.15<5.15.0-110.120~20.04.1
5.15.0-110.120~20.04.1
ubuntu/linux-lowlatency-hwe-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-lowlatency-hwe-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-lts-xenial<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-nvidia<5.15.0-1058.59
5.15.0-1058.59
ubuntu/linux-nvidia<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-nvidia-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-nvidia-6.8<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-nvidia-lowlatency<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-oem-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-oem-6.8<6.8.0-1006.6
6.8.0-1006.6
ubuntu/linux-oem-6.8<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-oracle<5.4.0-1127.136
5.4.0-1127.136
ubuntu/linux-oracle<5.15.0-1061.67
5.15.0-1061.67
ubuntu/linux-oracle<6.8.0-1006.6
6.8.0-1006.6
ubuntu/linux-oracle<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-oracle-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-oracle-5.4<5.4.0-1127.136~18.04.1
5.4.0-1127.136~18.04.1
ubuntu/linux-oracle-5.4<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-oracle-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-raspi<5.4.0-1112.124
5.4.0-1112.124
ubuntu/linux-raspi<5.15.0-1058.61
5.15.0-1058.61
ubuntu/linux-raspi<6.8.0-1005.5
6.8.0-1005.5
ubuntu/linux-raspi<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-raspi-5.4<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-riscv<6.8.0-35.35.1
6.8.0-35.35.1
ubuntu/linux-riscv<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-riscv-5.15<5.15.0-1059.63~20.04.1
5.15.0-1059.63~20.04.1
ubuntu/linux-riscv-5.15<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-riscv-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-starfive<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-starfive-6.5<6.9~<6.8.2
6.9~
6.8.2
ubuntu/linux-xilinx-zynqmp<5.4.0-1047.51
5.4.0-1047.51
ubuntu/linux-xilinx-zynqmp<5.15.0-1030.34
5.15.0-1030.34
ubuntu/linux-xilinx-zynqmp<6.9~<6.8.2
6.9~
6.8.2

Remedy

https://git.kernel.org/linus/dde4eff47c82c52a72af333d9e55370eee6d95d6

Remedy

https://git.kernel.org/linus/e97fe4901e0f59a0bfd524578fe3768f8ca42428

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203