CVE-2024-56568: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56568 affects the Linux kernel's IOMMU/ARM-SMMU component. The vulnerability was discovered and disclosed on December 27, 2024, and impacts Linux kernel versions from 4.9 through 6.12.4. This security issue involves a race condition between the SMMU driver probe and client driver probe processes (NVD).

The vulnerability stems from a race condition in the Linux kernel's ARM SMMU (System Memory Management Unit) driver. The issue occurs when ofdmaconfigure() for the client is called after iommudeviceregister() for the SMMU driver probe has executed but before driverbound() for the SMMU driver is called. This timing issue leads to a null pointer dereference when the SMMU pointer is accessed in armsmmuprobedevice. The vulnerability has been assigned a CVSS v3.1 base score of 4.7 (Medium) with vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can cause a device crash due to null pointer dereference in the armsmmuprobe_device function. The impact is primarily focused on system availability, with no direct impact on confidentiality or integrity (NVD).

The issue has been fixed by deferring the probe of the client device until the SMMU device has bound to the ARM SMMU driver. The fix has been implemented in various kernel versions, including 5.10.234-1 for Debian bullseye, 6.1.123-1 for bookworm, and 6.12.17-1 for sid/trixie (Debian Tracker).