CVE-2024-26971: Linux Kernel Vulnerability Fixed in clk: qcom: gcc-ipq5018 Frequency Table Arrays

In the world of cybersecurity, keeping software systems free from vulnerabilities is a crucial task. One such vulnerability has been identified and fixed in the Linux kernel, specifically in the clk: qcom: gcc-ipq5018 module. This post will take you through the details of this vulnerability (CVE-2024-26971), the relevant code changes, and links to the original references for those wishing to take a deeper dive into the topic.

Vulnerability Details

The vulnerability in question concerns the termination of frequency table arrays. These arrays, which are part of the clk: qcom: gcc-ipq5018 module residing in the Linux kernel, should be terminated with an empty element. However, this was not the case in some instances, which could lead to out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). This out-of-bound access poses a security risk as it could potentially be exploited by malicious actors if left unaddressed.

Fixing the Vulnerability

To mitigate this issue, developers have introduced a patch that adds the missing empty element to the end of the frequency table arrays. This prevents the possibility of out-of-bound access during traversal, thus making the system more secure. Below, you will find a code snippet that illustrates the change made in the patch:

// Before the patch
static const struct freq_tbl ftbl_gcc_bimc_gpu_clk[] = {
	{ 32000000, P_GPLL_OUT_MAIN,	  1, ,  },
	{ 800000000, P_GPLL_OUT_MAIN, 1, ,  },
};

// After the patch - note the addition of {} at the end
static const struct freq_tbl ftbl_gcc_bimc_gpu_clk[] = {
	{ 32000000, P_GPLL_OUT_MAIN,	  1, ,  },
	{ 800000000, P_GPLL_OUT_MAIN, 1, ,  },
	{},
};

By adding this single empty element {} to the end of the frequency table arrays, developers have effectively fixed the vulnerability, ensuring that potential out-of-bound access does not occur when using the qcom_find_freq() or qcom_find_freq_floor() functions to traverse these tables.

Links and Original References

For those interested in learning more about CVE-2024-26971 and the fix implemented, the following resources will provide additional information:

1. The Linux Kernel Vulnerability announcement regarding the discovery and resolution of this vulnerability can be found here.

2. The Git commit containing the patch and further details are available here.

Conclusion

Vulnerabilities are an unfortunate reality in the world of software development. When discovered and fixed promptly, however, they serve to improve the overall security and robustness of our systems, as demonstrated by the resolution of CVE-2024-26971. By properly terminating frequency table arrays in the clk: qcom: gcc-ipq5018 module of the Linux kernel, developers have addressed a potential security issue and ensured the continued stability of the platform.

Timeline

Published on: 05/01/2024 06:15:13 UTC
Last modified on: 05/29/2024 05:26:09 UTC