CVE-2024-26842

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a shift problem in the ufshcd clear cmd() function. When task tag is greater than or equal to 32 (in MCQ mode) and the size of an unsigned integer is 4, the expression 1U << task tag will exceed the bounds of a u32 mask. This can cause a SHIFT ISSUE, which refers to bitwise shifts that are out of bounds for their data type. The problem can lead to an unexpected kernel BRK exception at EL1 and internal errors.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

BDU:2026-02262

CVE-2024-26842

ECHO-C4BB-74BE-F8E6

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

Affected Products

Debian

Linux Kernel

Suse

CVE-2024-26842

Weakness Enumeration

Related Identifiers

Affected Products

References · 2397