CVE-2024-45828

Advisory lineage Upstream: 0 Downstream: 36
Modified
Published: 11 Jan 2025, 12:25
Last modified:11 May 2026, 20:34

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
v3.1 (cve.org)
EPSS Score
0.01% LOW
0% probability -0.03%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

11 Jan 2025, 12:25
Published
Vulnerability first disclosed
11 May 2026, 20:34
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request Bus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt when the ring is being stopped. Depending on timing between ring stop request completion, interrupt handler removal and code execution this may lead to a NULL pointer dereference in hci_dma_irq_handler() if it gets to run after the io_data pointer is set to NULL in hci_dma_cleanup(). Prevent this my masking the ring interrupts before ring stop request.

CVSS Metrics

  • v3.1MEDIUMScore: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01% Percentile: 2%

Techniques & Countermeasures

  • CWE-476NULL Pointer Dereference

    The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

  • linuxlinux

    ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < a6cddf68b3405b272b5a3cad9657be0b02b34bf4 | ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < 9d745a56aea45e47f4755bc12e6429d6314dbb54 | ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < a6dc4b4fda2e147e557050eaae51ff15edeb680b | ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < 19cc5767334bfe980f52421627d0826c0da86721 | ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < 6ca2738174e4ee44edb2ab2d86ce74f015a0cc32 | 5.0

  • linuxlinux_kernel

    ≥ 5.0, < 5.15.174 | ≥ 5.16, < 6.1.120 | ≥ 6.2, < 6.6.66 | ≥ 6.7, < 6.12.5

References (6)