CVE-2024-35942: Vulnerability in Linux

Medium
Published: Sun May 19 2024 (05/19/2024, 10:10:46 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain

According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is disabled before HDMI/LCDIF probe, LCDIF will not get pixel clock from HDMI PHY and print the error logs:

    [CRTC:39:crtc-2] vblank wait timed out
    WARNING: CPU: 2 PID: 9 at drivers/gpu/drm/drm_atomic_helper.c:1634 drm_atomic_helper_wait_for_vblanks.part.0+0x23c/0x260

Add fdcc clock to LCDIF and HDMI TX power domains to fix the issue.

AI-Powered Analysis

Last updated: 06/29/2025, 08:25:40 UTC

Technical Analysis

CVE-2024-35942 addresses a vulnerability in the Linux kernel related to the handling of clock domains for the i.MX8MP platform, specifically within the imx8mp_blk driver responsible for block control. The issue arises from improper management of the fdcc clock, which is part of the HDMI RX verification IP. According to the i.MX8MP reference manual and HDMI ADD documentation, the fdcc clock should not be enabled for HDMI TX operations. However, if this clock is disabled before the HDMI or LCDIF (LCD Interface) probe, the LCDIF component fails to receive the necessary pixel clock from the HDMI PHY, leading to errors such as "vblank wait timed out" and kernel warnings logged by the drm_atomic_helper component. This results in display subsystem malfunctions, potentially causing video output failures or degraded graphical performance on affected devices. The fix involves adding the fdcc clock to the LCDIF and HDMI TX power domains to ensure proper clock provisioning and synchronization during initialization and operation. This vulnerability is specific to the Linux kernel's handling of the i.MX8MP SoC's display subsystem clocks and does not appear to have known exploits in the wild at this time.

Potential Impact

For European organizations utilizing embedded systems or devices based on the NXP i.MX8MP platform running Linux—common in industrial automation, automotive infotainment, medical devices, and certain IoT deployments—this vulnerability could lead to display subsystem failures. Such failures might cause system instability, degraded user interfaces, or complete loss of video output, impacting operational continuity and user experience. In critical infrastructure or industrial environments, where visual feedback and monitoring are essential, this could delay response times or complicate troubleshooting. Although the vulnerability does not directly expose systems to remote code execution or data breaches, the resulting denial of service to display components could indirectly affect system availability and reliability. Given the lack of known exploits and the technical nature of the issue, the immediate risk is moderate but should not be overlooked in environments relying on the affected hardware and kernel versions.

Mitigation Recommendations

To mitigate this vulnerability, organizations should:

1) Apply the official Linux kernel patches that add the fdcc clock to the LCDIF and HDMI TX power domains as recommended by the Linux kernel maintainers and NXP.
2) Verify that all devices using the i.MX8MP platform are running updated kernel versions incorporating this fix.
3) Conduct thorough testing of display functionality post-patch to ensure no regressions or residual issues.
4) For custom or embedded Linux distributions, rebuild and redeploy kernels with the fix integrated.
5) Monitor system logs for any display-related errors or warnings that could indicate incomplete mitigation.
6) Engage with device vendors or integrators to confirm firmware and driver updates include this patch.
7) Maintain an inventory of affected devices to prioritize patching efforts and reduce exposure windows.

These steps go beyond generic advice by focusing on the specific hardware platform and kernel component involved.
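For step 5, a kernel-log check can key on the two lines quoted in the description. The following is an added example, not code from the kernel or from this database; the function name, the `window` parameter and the sample log lines are constructed for illustration.

```python
import re

# Signatures taken from the error log quoted in the CVE description.
VBLANK_RE = re.compile(r"\[CRTC:(\d+):([\w-]+)\] vblank wait timed out")
WARN_RE = re.compile(r"WARNING: CPU: \d+ PID: \d+ at (\S+):(\d+) (\w+)")
HELPER = "drm_atomic_helper_wait_for_vblanks"

def find_vblank_timeouts(lines, window=5):
    """Return one finding per vblank timeout, recording whether the
    drm_atomic_helper WARNING follows within `window` lines (assumed value)."""
    findings = []
    for i, line in enumerate(lines):
        m = VBLANK_RE.search(line)
        if not m:
            continue
        confirmed = False
        for later in lines[i + 1 : i + 1 + window]:
            w = WARN_RE.search(later)
            if w and w.group(3).startswith(HELPER):
                confirmed = True
                break
        findings.append({
            "line": i + 1,               # 1-based line number in the input
            "crtc_id": int(m.group(1)),
            "crtc": m.group(2),
            "helper_warning": confirmed,  # True = matches the CVE's full signature
        })
    return findings

# Constructed sample in dmesg format; timestamps and the first line are invented.
SAMPLE = [
    "[    2.101000] constructed: unrelated boot message",
    "[   12.504000] ------------[ cut here ]------------",
    "[   12.504100] [CRTC:39:crtc-2] vblank wait timed out",
    "[   12.504200] WARNING: CPU: 2 PID: 9 at drivers/gpu/drm/drm_atomic_helper.c:1634 "
    "drm_atomic_helper_wait_for_vblanks.part.0+0x23c/0x260",
    "[   40.000000] [CRTC:39:crtc-2] vblank wait timed out",
]

if __name__ == "__main__":
    for f in find_vblank_timeouts(SAMPLE):
        tag = "full signature" if f["helper_warning"] else "timeout only"
        print(f"line {f['line']}: CRTC {f['crtc_id']} ({f['crtc']}) - {tag}")
```

A timeout without the accompanying helper warning can have other causes, so only findings with `helper_warning` set match the signature in the description.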


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-05-17T13:50:33.132Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9828c4522896dcbe221f

Added to database: 5/21/2025, 9:08:56 AM

Last enriched: 6/29/2025, 8:25:40 AM

Last updated: 8/12/2025, 10:32:26 PM
