CVE-2024-58003

CVE-2024-58003 is a vulnerability in the Linux kernel's media i2c ds90ub9x3 subsystem, specifically affecting the ub913 and ub953 drivers. The issue stems from extraneous calls to fwnode_handle_put(priv->sd.fwnode) during the driver removal process. These calls, remnants of a prior code change in commit 905f88ccebb1, result in a reference count "overflow" when the driver is removed multiple times, potentially leading to memory corruption or system crashes. The vulnerability is classified under CWE-787 (Out-of-bounds Write) with a CVSS v3.1 base score of 7.8.

A local attacker with low privileges (AV:L/AC:L/PR:L/UI:N/S:U) can exploit this flaw by triggering repeated removal of the affected drivers. Successful exploitation could grant high-impact confidentiality, integrity, and availability consequences (C:H/I:H/A:H), such as arbitrary memory corruption or kernel crashes, depending on the specific conditions and kernel configuration involving these I2C media drivers.

Mitigation requires applying the relevant stable kernel patches, as detailed in the upstream commit fixes available at kernel.org stable repositories. Key patches include commits 474d7baf91d37bc411fa60de5bbf03c9dd82e18a, 60b45ece41c5632a3a3274115a401cb244180646, 70743d6a8b256225675711e7983825f1be86062d, and f4e4373322f8d4c19721831f7fb989e52d30dab0, which remove the unnecessary fwnode_handle_put() calls to prevent the reference count imbalance. Security practitioners should update affected Linux kernels promptly, particularly those using the ds90ub9x3 drivers in media applications.