CVE-2024-56754

crypto: caam - Fix the pointer passed to caam_qi_shutdown()

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caam_qi_shutdown() The type of the last parameter given to devm_add_action_or_reset() is "struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to "struct device *". Pass the correct parameter to devm_add_action_or_reset() so that the resources are released as expected.

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/cc386170b3312fd7b5bc4a69a9f52d7f50814526 patch
https://git.kernel.org/stable/c/6187727e57aec122c8a99c464c74578c810cbe40 patch
https://git.kernel.org/stable/c/66eddb8dcb61065c53098510165f14b54232bcc2 patch
https://git.kernel.org/stable/c/1f8e2f597b918ca5827a5c6d00b819d064264d1c patch
https://git.kernel.org/stable/c/84a185aea7b83f620699de0ea36907d588d89cf6 patch
https://git.kernel.org/stable/c/ad39df0898d3f469776c19d99229be055cc2dcea patch
https://git.kernel.org/stable/c/ad980b04f51f7fb503530bd1cb328ba5e75a250e patch

Frequently Asked Questions

What is the severity of CVE-2024-56754?
CVE-2024-56754 has been scored as a medium severity vulnerability.
How to fix CVE-2024-56754?
To fix CVE-2024-56754, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-56754 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-56754 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-56754?
CVE-2024-56754 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.