CVE-2024-58034

HIGH EPSS 12.0%
Published Feb 27, 20251y ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Feb 27, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the reference of the argument device node, tegra_emc_find_node_by_ram_code() releases some device nodes while still in use, resulting in possible UAFs. According to the bindings and the in-tree DTS files, the "emc-tables" node is always device's child node with the property "nvidia,use-ram-code", and the "lpddr2" node is a child of the "emc-tables" node. Thus utilize the for_each_child_of_node() macro and of_get_child_by_name() instead of of_find_node_by_name() to simplify the code. This bug was found by an experimental verification tool that I am developing. [krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
12.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥5.0  –  <5.15.179
linuxlinux_kernel*≥5.16  –  <6.1.129
linuxlinux_kernel*≥6.2  –  <6.6.76
linuxlinux_kernel*≥6.7  –  <6.12.13
linuxlinux_kernel*≥6.13  –  <6.13.2

References 7

  • git.kernel.org https://git.kernel.org/stable/c/3b02273446e23961d910b50cc12528faec649fb2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/755e44538c190c31de9090d8e8821d228fcfd416
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b9784e5cde1f9fb83661a70e580e381ae1264d12
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c144423cb07e4e227a8572d5742ca2b36ada770d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c3def10c610ae046aaa61d00528e7bd15e4ad8d3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e9d07e91de140679eeaf275f47ad154467cb9e05
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3b02273446e23961d910b50cc12528faec649fb2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/755e44538c190c31de9090d8e8821d228fcfd416
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b9784e5cde1f9fb83661a70e580e381ae1264d12
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c144423cb07e4e227a8572d5742ca2b36ada770d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c3def10c610ae046aaa61d00528e7bd15e4ad8d3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e9d07e91de140679eeaf275f47ad154467cb9e05
    Patch