{
  "id": "CVE-2024-57985",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2025-02-27T02:15:11.703",
  "lastModified": "2025-02-27T02:15:11.703",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: scm: Cleanup global '__scm' on probe failures\n\nIf SCM driver fails the probe, it should not leave global '__scm'\nvariable assigned, because external users of this driver will assume the\nprobe finished successfully.  For example TZMEM parts ('__scm->mempool')\nare initialized later in the probe, but users of it (__scm_smc_call())\nrely on the '__scm' variable.\n\nThis fixes theoretical NULL pointer exception, triggered via introducing\nprobe deferral in SCM driver with call trace:\n\n  qcom_tzmem_alloc+0x70/0x1ac (P)\n  qcom_tzmem_alloc+0x64/0x1ac (L)\n  qcom_scm_assign_mem+0x78/0x194\n  qcom_rmtfs_mem_probe+0x2d4/0x38c\n  platform_probe+0x68/0xc8"
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/1e76b546e6fca7eb568161f408133904ca6bcf4f",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/390d3baeba51a126f75c97b90ec28b9384ce4b84",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/faf1715798fe72b79e4432ce8c6d03ca69765425",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ]
}