Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume When not configured for wakeup lis3lv02d_i2c_suspend() will call lis3lv02d_poweroff() even if the device has already been turned off by the runtime-suspend handler and if configured for wakeup and the device is runtime-suspended at this point then it is not turned back on to serve as a wakeup source. Before commit b1b9f7a49440 ("misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback"), lis3lv02d_poweroff() failed to disable the regulators which as a side effect made calling poweroff() twice ok. Now that poweroff() correctly disables the regulators, doing this twice triggers a WARN() in the regulator core: unbalanced disables for regulator-dummy WARNING: CPU: 1 PID: 92 at drivers/regulator/core.c:2999 _regulator_disable ... Fix lis3lv02d_i2c_suspend() to not call poweroff() a second time if already runtime-suspended and add a poweron() call when necessary to make wakeup work. lis3lv02d_i2c_resume() has similar issues, with an added weirness that it always powers on the device if it is runtime suspended, after which the first runtime-resume will call poweron() again, causing the enabled count for the regulator to increase by 1 every suspend/resume. These unbalanced regulator_enable() calls cause the regulator to never be turned off and trigger the following WARN() on driver unbind: WARNING: CPU: 1 PID: 1724 at drivers/regulator/core.c:2396 _regulator_put Fix this by making lis3lv02d_i2c_resume() mirror the new suspend().
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.1.77, < 6.1.84 |
References
- https://git.kernel.org/stable/c/4154e767354140db7804207117e7238fb337b0e7Patch
- https://git.kernel.org/stable/c/997ca415384612c8df76d99d9a768e0b3f42b325Patch
- https://git.kernel.org/stable/c/ac3e0384073b2408d6cb0d972fee9fcc3776053dPatch
- https://git.kernel.org/stable/c/f6df761182fc953907b18aba5049fc2a044ecb45Patch
- https://git.kernel.org/stable/c/4154e767354140db7804207117e7238fb337b0e7Patch
- https://git.kernel.org/stable/c/997ca415384612c8df76d99d9a768e0b3f42b325Patch
- https://git.kernel.org/stable/c/ac3e0384073b2408d6cb0d972fee9fcc3776053dPatch
- https://git.kernel.org/stable/c/f6df761182fc953907b18aba5049fc2a044ecb45Patch
FAQ
What is CVE-2024-35824?
CVE-2024-35824 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume When not configured for wakeup lis3lv02d_i2c_sus...
How severe is CVE-2024-35824?
CVE-2024-35824 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-35824?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.