CVE-2024-56787

Summary

CVE-2024-56787: A vulnerability was discovered in the Linux kernel's soc-imx8m.c driver affecting i.MX8M Plus hardware. When using the driver_async_probe kernel command line option, the driver calls of_clk_get_by_name() to retrieve a clock driver that hasn't been probed yet, resulting in -EPROBE_DEFER error. To mitigate this issue, the SoC code was converted into a platform driver and a platform device was instantiated within its current device_initcall() to probe the platform driver. Additionally, the .soc_revision callback was reworked to always return a valid error code and pass the SoC revision via a parameter. If the callback returns -EPROBE_DEFER, it will be propagated to the probe function and retried later. The reported error occurred during kernel initialization, specifically in the imx8mm_soc_revision function.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.