CVE-2024-53134

pmdomain: imx93-blk-ctrl: correct remove path

Description

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_data.num_domains' which will make the look never finish and cause kernel panic. Also disable runtime to address "imx93-blk-ctrl 4ac10000.system-controller: Unbalanced pm_runtime_enable!"

References

Link	Tags
https://git.kernel.org/stable/c/8fc228ab5d38a026eae7183a5f74a4fac43d9b6a	patch
https://git.kernel.org/stable/c/201fb9e164a1e4c5937de2cf58bcb0327c08664f	patch
https://git.kernel.org/stable/c/f7c7c5aa556378a2c8da72c1f7f238b6648f95fb	patch

Frequently Asked Questions

What is the severity of CVE-2024-53134?: CVE-2024-53134 has been scored as a medium severity vulnerability.
How to fix CVE-2024-53134?: To fix CVE-2024-53134, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-53134 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-53134 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-53134?: CVE-2024-53134 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-670 – Always-Incorrect Control Flow Implementation

References

Frequently Asked Questions