{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T22:44:39.384","vulnerabilities":[{"cve":{"id":"CVE-2024-58084","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-03-06T17:15:21.890","lastModified":"2025-10-01T20:18:14.117","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool()\n\nCommit 2e4955167ec5 (\"firmware: qcom: scm: Fix __scm and waitq\ncompletion variable initialization\") introduced a write barrier in probe\nfunction to store global '__scm' variable.  We all known barriers are\npaired (see memory-barriers.txt: \"Note that write barriers should\nnormally be paired with read or address-dependency barriers\"), therefore\naccessing it from concurrent contexts requires read barrier.  Previous\ncommit added such barrier in qcom_scm_is_available(), so let's use that\ndirectly.\n\nLack of this read barrier can result in fetching stale '__scm' variable\nvalue, NULL, and dereferencing it.\n\nNote that barrier in qcom_scm_is_available() satisfies here the control\ndependency."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool() el commit 2e4955167ec5 (\"firmware: qcom: scm: Fix __scm and waitq ending variable initialization\") introdujo una barrera de escritura en la función de sondeo para almacenar la variable global '__scm'. Todos sabemos que las barreras están emparejadas (consulte memory-barriers.txt: \"Note que las barreras de escritura normalmente deben emparejarse con barreras de lectura o de dependencia de dirección\"), por lo tanto, acceder a ellas desde contextos concurrentes requiere una barrera de lectura. Una confirmación anterior agregó dicha barrera en qcom_scm_is_available(), así que usémosla directamente. La falta de esta barrera de lectura puede resultar en la obtención del valor de la variable '__scm' obsoleto, NULL, y su desreferenciación. Tenga en cuenta que la barrera en qcom_scm_is_available() satisface aquí la dependencia de control."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndIncluding":"6.12.14","matchCriteriaId":"7C014E1B-02EA-488C-AD8B-52F51437381F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndIncluding":"6.13.3","matchCriteriaId":"DDB61369-A1FA-42E6-A1FC-78476A6D432A"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/b628510397b5cafa1f5d3e848a28affd1c635302","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e03db7c1255ebabba5e1a447754faeb138de15a2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fee921e3c641f64185abee83f9a6e65f0b380682","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}