NVD Vulnerability Detail

CVE-2024-42319

Summary	In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with condition pm_runtime_get_sync() < 0 occurs. According to the call tracei below: cmdq_mbox_shutdown mbox_free_channel mbox_controller_unregister __devm_mbox_controller_unregister ... The root cause can be deduced to be calling pm_runtime_get_sync() after calling pm_runtime_disable() as observed below: 1. CMDQ driver uses devm_mbox_controller_register() in cmdq_probe() to bind the cmdq device to the mbox_controller, so devm_mbox_controller_unregister() will automatically unregister the device bound to the mailbox controller when the device-managed resource is removed. That means devm_mbox_controller_unregister() and cmdq_mbox_shoutdown() will be called after cmdq_remove(). 2. CMDQ driver also uses devm_pm_runtime_enable() in cmdq_probe() after devm_mbox_controller_register(), so that devm_pm_runtime_disable() will be called after cmdq_remove(), but before devm_mbox_controller_unregister(). To fix this problem, cmdq_probe() needs to move devm_mbox_controller_register() after devm_pm_runtime_enable() to make devm_pm_runtime_disable() be called after devm_mbox_controller_unregister().
Publication Date	Aug. 17, 2024, 6:15 p.m.
Registration Date	Aug. 26, 2024, 5:01 p.m.
Last Update	Aug. 19, 2024, 9:59 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://git.kernel.org/stable/c/11fa625b45faf0649118b9deaf2d31c86ac41911
2	https://git.kernel.org/stable/c/a8bd68e4329f9a0ad1b878733e0f80be6a971649

Common Vulnerabilities List

JVN Vulnerability Information

Linux の Linux Kernel における脆弱性

Title	Linux の Linux Kernel における脆弱性
Summary	Linux の Linux Kernel には、不特定の脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	July 19, 2024, midnight
Registration Date	Oct. 9, 2025, 4:47 p.m.
Last Update	Oct. 9, 2025, 4:47 p.m.

Affected System

Linux

Linux Kernel 4.19 以上 6.1.120 未満

Linux Kernel 6.2 以上 6.6.64 未満

Linux Kernel 6.7 以上 6.10.3 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-42319	https://www.cve.org/CVERecord?id=CVE-2024-42319
National Vulnerability Database (NVD)
2	CVE-2024-42319	https://nvd.nist.gov/vuln/detail/CVE-2024-42319

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/scap/cwe.html

ベンダー情報

No	Name	URL
Kernel.org git repositories
1	mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (11fa625)	https://git.kernel.org/stable/c/11fa625b45faf0649118b9deaf2d31c86ac41911
2	mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (1403991)	https://git.kernel.org/stable/c/1403991a40b94438a2acc749bf05c117abdb34f9
3	mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (a8bd68e)	https://git.kernel.org/stable/c/a8bd68e4329f9a0ad1b878733e0f80be6a971649
4	mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (d00df67)	https://git.kernel.org/stable/c/d00df6700ad10974a7e20646956f4ff22cdbe0ec
Linux Kernel
5	Linux Kernel Archives	https://www.kernel.org

Change Log

No	Changed Details	Date of change
1	[2025年10月09日] 掲載	Oct. 9, 2025, 12:38 p.m.