CVE-2024-56781: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: powerpc/prom_init: Fixup missing powermac #size-cells On some powermacs `escc` nodes are missing `#size-cells` properties, which is deprecated and now triggers a warning at boot since commit 045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells handling"). For example: Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000 WARNING: CPU: 0 PID: 0 at drivers/of/base.c:133 of_bus_n_size_cells+0x98/0x108 Hardware name: PowerMac3,1 7400 0xc0209 PowerMac ... Call Trace: of_bus_n_size_cells+0x98/0x108 (unreliable) of_bus_default_count_cells+0x40/0x60 __of_get_address+0xc8/0x21c __of_address_to_resource+0x5c/0x228 pmz_init_port+0x5c/0x2ec pmz_probe.isra.0+0x144/0x1e4 pmz_console_init+0x10/0x48 console_init+0xcc/0x138 start_kernel+0x5c4/0x694 As powermacs boot via prom_init it's possible to add the missing properties to the device tree during boot, avoiding the warning. Note that `escc-legacy` nodes are also missing `#size-cells` properties, but they are skipped by the macio driver, so leave them alone. Depends-on: 045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells handling")
AI Analysis
Technical Summary
CVE-2024-56781 addresses a vulnerability in the Linux kernel related to the handling of device tree properties on PowerMac systems, specifically within the powerpc/prom_init code path. The issue arises because certain 'escc' nodes in the device tree are missing the '#size-cells' property, which is deprecated but now triggers a warning during system boot following kernel commit 045b14ca5c36. This warning is generated because the Linux kernel has introduced stricter checks on the presence of '#address-cells' and '#size-cells' properties in device tree nodes, which are critical for correctly interpreting hardware resource addresses and sizes. The absence of '#size-cells' in these nodes leads to warnings such as "Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000" and a kernel warning trace during boot. The problem specifically affects PowerMac3,1 hardware and related PowerMac models that boot via prom_init. While 'escc-legacy' nodes also lack '#size-cells', they are ignored by the macio driver and thus do not cause issues. The fix involves adding the missing '#size-cells' properties to the device tree during boot to avoid these warnings. This vulnerability is primarily a code quality and hardware description issue rather than a direct security exploit. There are no known exploits in the wild, and no CVSS score has been assigned. The vulnerability does not appear to cause kernel crashes or allow privilege escalation but may affect system stability or hardware initialization correctness on affected PowerMac systems running Linux kernels prior to the fix. The affected versions are identified by a specific commit hash, indicating this is a recent kernel development issue.
Potential Impact
For European organizations, the impact of CVE-2024-56781 is expected to be minimal in terms of direct security risk. The vulnerability manifests as boot-time warnings due to missing device tree properties on PowerMac hardware running Linux. Since PowerMac systems are legacy hardware with limited deployment in modern enterprise environments, the scope of affected systems is very narrow. The issue does not enable remote code execution, privilege escalation, or data compromise. However, organizations that maintain legacy PowerMac Linux systems for specialized industrial, research, or archival purposes might experience boot instability or hardware initialization issues. This could lead to reduced availability or increased maintenance overhead. Given the rarity of PowerMac hardware in contemporary European IT infrastructure, the operational impact is low. Nonetheless, organizations relying on such hardware should address the issue to ensure stable system boots and avoid potential hardware misconfigurations. The absence of known exploits and the nature of the vulnerability as a device tree property warning further reduce the urgency from a security breach perspective.
Mitigation Recommendations
To mitigate the issue, organizations using affected PowerMac Linux systems should apply the kernel patch that adds the missing '#size-cells' properties to the device tree during boot. This involves updating to a Linux kernel version that includes the fix for CVE-2024-56781 or manually patching the device tree source files for the affected hardware nodes. System administrators should verify the device tree nodes under '/pci@f2000000/mac-io@c/escc@13000' and ensure the '#size-cells' property is correctly defined. Since 'escc-legacy' nodes are intentionally skipped, no changes are needed there. It is advisable to test the updated kernel or device tree changes in a controlled environment before deployment to avoid unintended side effects. Additionally, monitoring boot logs for warnings related to '#size-cells' can help identify residual issues. Given the legacy nature of the hardware, organizations should consider hardware lifecycle management strategies, including phasing out PowerMac systems or migrating workloads to supported platforms to reduce future risks. Regular kernel updates and adherence to Linux kernel maintenance best practices will also help prevent similar issues.
Affected Countries
United Kingdom, Germany, France, Netherlands, Sweden
CVE-2024-56781: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: powerpc/prom_init: Fixup missing powermac #size-cells On some powermacs `escc` nodes are missing `#size-cells` properties, which is deprecated and now triggers a warning at boot since commit 045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells handling"). For example: Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000 WARNING: CPU: 0 PID: 0 at drivers/of/base.c:133 of_bus_n_size_cells+0x98/0x108 Hardware name: PowerMac3,1 7400 0xc0209 PowerMac ... Call Trace: of_bus_n_size_cells+0x98/0x108 (unreliable) of_bus_default_count_cells+0x40/0x60 __of_get_address+0xc8/0x21c __of_address_to_resource+0x5c/0x228 pmz_init_port+0x5c/0x2ec pmz_probe.isra.0+0x144/0x1e4 pmz_console_init+0x10/0x48 console_init+0xcc/0x138 start_kernel+0x5c4/0x694 As powermacs boot via prom_init it's possible to add the missing properties to the device tree during boot, avoiding the warning. Note that `escc-legacy` nodes are also missing `#size-cells` properties, but they are skipped by the macio driver, so leave them alone. Depends-on: 045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells handling")
AI-Powered Analysis
Technical Analysis
CVE-2024-56781 addresses a vulnerability in the Linux kernel related to the handling of device tree properties on PowerMac systems, specifically within the powerpc/prom_init code path. The issue arises because certain 'escc' nodes in the device tree are missing the '#size-cells' property, which is deprecated but now triggers a warning during system boot following kernel commit 045b14ca5c36. This warning is generated because the Linux kernel has introduced stricter checks on the presence of '#address-cells' and '#size-cells' properties in device tree nodes, which are critical for correctly interpreting hardware resource addresses and sizes. The absence of '#size-cells' in these nodes leads to warnings such as "Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000" and a kernel warning trace during boot. The problem specifically affects PowerMac3,1 hardware and related PowerMac models that boot via prom_init. While 'escc-legacy' nodes also lack '#size-cells', they are ignored by the macio driver and thus do not cause issues. The fix involves adding the missing '#size-cells' properties to the device tree during boot to avoid these warnings. This vulnerability is primarily a code quality and hardware description issue rather than a direct security exploit. There are no known exploits in the wild, and no CVSS score has been assigned. The vulnerability does not appear to cause kernel crashes or allow privilege escalation but may affect system stability or hardware initialization correctness on affected PowerMac systems running Linux kernels prior to the fix. The affected versions are identified by a specific commit hash, indicating this is a recent kernel development issue.
Potential Impact
For European organizations, the impact of CVE-2024-56781 is expected to be minimal in terms of direct security risk. The vulnerability manifests as boot-time warnings due to missing device tree properties on PowerMac hardware running Linux. Since PowerMac systems are legacy hardware with limited deployment in modern enterprise environments, the scope of affected systems is very narrow. The issue does not enable remote code execution, privilege escalation, or data compromise. However, organizations that maintain legacy PowerMac Linux systems for specialized industrial, research, or archival purposes might experience boot instability or hardware initialization issues. This could lead to reduced availability or increased maintenance overhead. Given the rarity of PowerMac hardware in contemporary European IT infrastructure, the operational impact is low. Nonetheless, organizations relying on such hardware should address the issue to ensure stable system boots and avoid potential hardware misconfigurations. The absence of known exploits and the nature of the vulnerability as a device tree property warning further reduce the urgency from a security breach perspective.
Mitigation Recommendations
To mitigate the issue, organizations using affected PowerMac Linux systems should apply the kernel patch that adds the missing '#size-cells' properties to the device tree during boot. This involves updating to a Linux kernel version that includes the fix for CVE-2024-56781 or manually patching the device tree source files for the affected hardware nodes. System administrators should verify the device tree nodes under '/pci@f2000000/mac-io@c/escc@13000' and ensure the '#size-cells' property is correctly defined. Since 'escc-legacy' nodes are intentionally skipped, no changes are needed there. It is advisable to test the updated kernel or device tree changes in a controlled environment before deployment to avoid unintended side effects. Additionally, monitoring boot logs for warnings related to '#size-cells' can help identify residual issues. Given the legacy nature of the hardware, organizations should consider hardware lifecycle management strategies, including phasing out PowerMac systems or migrating workloads to supported platforms to reduce future risks. Regular kernel updates and adherence to Linux kernel maintenance best practices will also help prevent similar issues.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-12-29T11:26:39.768Z
- Cisa Enriched
- false
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9822c4522896dcbde81b
Added to database: 5/21/2025, 9:08:50 AM
Last enriched: 6/28/2025, 8:09:30 AM
Last updated: 7/27/2025, 2:22:32 AM
Views: 10
Related Threats
CVE-2025-43735: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Liferay Portal
MediumCVE-2025-40770: CWE-300: Channel Accessible by Non-Endpoint in Siemens SINEC Traffic Analyzer
HighCVE-2025-40769: CWE-1164: Irrelevant Code in Siemens SINEC Traffic Analyzer
HighCVE-2025-40768: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in Siemens SINEC Traffic Analyzer
HighCVE-2025-40767: CWE-250: Execution with Unnecessary Privileges in Siemens SINEC Traffic Analyzer
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.