CVE-2024-53157: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

firmware: arm_scpi: Check the DVFS OPP count returned by the firmware

Fix a kernel crash with the below call trace when the SCPI firmware returns OPP count of zero.

dvfs_info.opp_count may be zero on some platforms during the reboot test, and the kernel will crash after dereferencing the pointer to kcalloc(info->count, sizeof(*opp), GFP_KERNEL).

| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028
| Mem abort info:
| ESR = 0x96000004
| Exception class = DABT (current EL), IL = 32 bits
| SET = 0, FnV = 0
| EA = 0, S1PTW = 0
| Data abort info:
| ISV = 0, ISS = 0x00000004
| CM = 0, WnR = 0
| user pgtable: 4k pages, 48-bit VAs, pgdp = 00000000faefa08c
| [0000000000000028] pgd=0000000000000000
| Internal error: Oops: 96000004 [#1] SMP
| scpi-hwmon: probe of PHYT000D:00 failed with error -110
| Process systemd-udevd (pid: 1701, stack limit = 0x00000000aaede86c)
| CPU: 2 PID: 1701 Comm: systemd-udevd Not tainted 4.19.90+ #1
| Hardware name: PHYTIUM LTD Phytium FT2000/4/Phytium FT2000/4, BIOS
| pstate: 60000005 (nZCv daif -PAN -UAO)
| pc : scpi_dvfs_recalc_rate+0x40/0x58 [clk_scpi]
| lr : clk_register+0x438/0x720
| Call trace:
| scpi_dvfs_recalc_rate+0x40/0x58 [clk_scpi]
| devm_clk_hw_register+0x50/0xa0
| scpi_clk_ops_init.isra.2+0xa0/0x138 [clk_scpi]
| scpi_clocks_probe+0x528/0x70c [clk_scpi]
| platform_drv_probe+0x58/0xa8
| really_probe+0x260/0x3d0
| driver_probe_device+0x12c/0x148
| device_driver_attach+0x74/0x98
| __driver_attach+0xb4/0xe8
| bus_for_each_dev+0x88/0xe0
| driver_attach+0x30/0x40
| bus_add_driver+0x178/0x2b0
| driver_register+0x64/0x118
| __platform_driver_register+0x54/0x60
| scpi_clocks_driver_init+0x24/0x1000 [clk_scpi]
| do_one_initcall+0x54/0x220
| do_init_module+0x54/0x1c8
| load_module+0x14a4/0x1668
| __se_sys_finit_module+0xf8/0x110
| __arm64_sys_finit_module+0x24/0x30
| el0_svc_common+0x78/0x170
| el0_svc_handler+0x38/0x78
| el0_svc+0x8/0x340
| Code: 937d7c00 a94153f3 a8c27bfd f9400421 (b8606820)
| ---[ end trace 06feb22469d89fa8 ]---
| Kernel panic - not syncing: Fatal exception
| SMP: stopping secondary CPUs
| Kernel Offset: disabled
| CPU features: 0x10,a0002008
| Memory Limit: none
AI Analysis
Technical Summary
CVE-2024-53157 is a vulnerability identified in the Linux kernel specifically related to the ARM SCPI (System Control and Power Interface) firmware driver. The issue arises when the SCPI firmware returns a Dynamic Voltage and Frequency Scaling (DVFS) Operating Performance Point (OPP) count of zero. The kernel code fails to properly validate this count before dereferencing a pointer, leading to a NULL pointer dereference and subsequent kernel crash (kernel panic). The vulnerability manifests during the reboot test phase on certain platforms, notably those using the Phytium FT2000/4 ARM-based processors, as indicated by the call trace and hardware details. The crash occurs in the function scpi_dvfs_recalc_rate, which attempts to allocate memory based on the OPP count without checking if the count is zero, resulting in a fatal exception and system halt. This vulnerability can cause denial of service (DoS) by crashing the kernel, disrupting system availability. The problem is rooted in improper input validation of firmware data, which is critical for stable power and clock management in ARM-based Linux systems. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The vulnerability affects Linux kernel versions identified by the commit hashes provided, which correspond to versions prior to the fix. The issue is particularly relevant for ARM-based Linux deployments that rely on SCPI firmware for DVFS management, including certain server and embedded platforms.
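A user-space C model of the zero-OPP-count condition described above, added here as an illustration; it is not the kernel's code or the upstream patch. The struct layouts, function names, error codes and the ZERO_SIZE_SENTINEL allocator model are assumptions; the model reflects that a zero-size kernel allocation returns a non-NULL sentinel (ZERO_SIZE_PTR) rather than NULL, so a NULL check alone does not stop the empty table.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed, hypothetical layouts; not the kernel's own structures. */
struct opp { uint32_t freq; uint32_t m_volt; };
struct dvfs_info { unsigned int count; struct opp *opps; };
struct fw_reply { uint8_t opp_count; struct opp opps[UINT8_MAX]; };

/* Kernel-like allocator model: size 0 yields a non-NULL sentinel, not NULL. */
#define ZERO_SIZE_SENTINEL ((void *)(uintptr_t)16)
#define model_kcalloc(n, size) ((n) ? calloc((n), (size)) : ZERO_SIZE_SENTINEL)

/* Unchecked pattern: a count of zero passes the NULL check and "succeeds". */
int dvfs_parse_unchecked(const struct fw_reply *r, struct dvfs_info *info)
{
    info->count = r->opp_count;
    info->opps = model_kcalloc(info->count, sizeof(*info->opps));
    if (!info->opps)
        return -ENOMEM;
    for (unsigned int i = 0; i < info->count; i++)
        info->opps[i] = r->opps[i];
    return 0;
}

/* Checked pattern: reject an empty OPP table before allocating anything. */
int dvfs_parse_checked(const struct fw_reply *r, struct dvfs_info *info)
{
    if (r->opp_count == 0)
        return -ENOENT;
    return dvfs_parse_unchecked(r, info);
}

/* Consumer that bounds-checks the index instead of trusting the table. */
int dvfs_rate(const struct dvfs_info *info, unsigned int idx, uint32_t *hz)
{
    if (idx >= info->count)
        return -EINVAL;
    *hz = info->opps[idx].freq;
    return 0;
}

int main(void)
{
    struct fw_reply empty = { .opp_count = 0 };  /* constructed sample */
    struct dvfs_info info;
    return dvfs_parse_checked(&empty, &info) == -ENOENT ? 0 : 1;
}
```

The unchecked parser reports success for an empty table, which is why the failure only surfaces later in a consumer; the checked parser turns the same firmware reply into an error at parse time.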
Potential Impact
For European organizations, the primary impact of CVE-2024-53157 is the potential for denial of service due to kernel crashes on affected ARM-based Linux systems. This can disrupt critical infrastructure, cloud services, and embedded systems that utilize affected hardware and kernel versions. Organizations running ARM server platforms or specialized ARM-based devices in data centers, telecommunications, or industrial control systems may experience unexpected reboots or downtime. The vulnerability could affect system stability during reboot cycles or firmware updates, potentially impacting availability of services. While no direct confidentiality or integrity compromise is indicated, the loss of availability can have cascading effects on business operations, especially for sectors relying on high uptime and real-time processing. The lack of known exploits reduces immediate risk, but the vulnerability should be addressed promptly to avoid service interruptions. European entities using ARM-based Linux servers or embedded devices in critical roles should be aware of this issue and plan for timely patching to maintain operational continuity.
Mitigation Recommendations
To mitigate CVE-2024-53157, organizations should:
1) Identify all Linux systems running on ARM architectures that utilize SCPI firmware for DVFS, particularly those with kernel versions prior to the patch commit.
2) Apply the official Linux kernel patches that validate the OPP count returned by the firmware before dereferencing pointers, ensuring the kernel gracefully handles zero OPP counts without crashing.
3) Test kernel updates in controlled environments to confirm stability and compatibility with existing hardware and firmware.
4) Monitor system logs for signs of kernel panics or SCPI-related errors, especially during reboot or firmware update cycles.
5) Coordinate with hardware vendors, especially those providing ARM-based platforms like Phytium, to obtain firmware updates or guidance on mitigating this issue.
6) Implement robust backup and recovery procedures to minimize downtime in case of unexpected crashes.
7) Consider deploying kernel crash monitoring and automated reboot mechanisms to reduce service disruption.
These steps go beyond generic advice by focusing on firmware interaction, hardware-specific considerations, and operational continuity planning.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Estonia
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-11-19T17:17:25.001Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9823c4522896dcbdeda2
Added to database: 5/21/2025, 9:08:51 AM
Last enriched: 6/28/2025, 10:12:20 AM
Last updated: 8/14/2025, 4:47:27 PM