CVE-2024-58007: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-58007 affects the Linux kernel's socinfo driver for Qualcomm SoCs. The vulnerability was discovered when it was found that on MSM8916 devices, the serial number exposed in sysfs remained constant across different devices. This out-of-bounds read vulnerability occurs because the firmware used on MSM8916 exposes SOCINFOVERSION(0, 8), which lacks support for the serialnum field in the socinfo struct (Kernel Patch).

The vulnerability stems from an incorrect bounds checking implementation in the socinfo driver. When checking the itemsize returned by SMEM, the code only compared against the start offset of the serialnum field instead of ensuring the entire field was within bounds. This resulted in an out-of-bounds read of memory following the socinfo struct in SMEM. The issue has a CVSS v3.1 base score of 7.1 HIGH with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

The vulnerability allows reading memory beyond the intended bounds of the socinfo struct, potentially exposing sensitive information from adjacent memory regions. The impact is limited to local attacks as it requires local access to read the sysfs entry.

The vulnerability has been fixed by changing the bounds check from using offsetof() to offsetofend(), ensuring that the size of the field is properly taken into account. The fix has been merged into the Linux kernel and is available through various stable kernel releases (Kernel Patch).