PT-2024-29804 · Linux · Linux Kernel
David Lechner
·
Published
2024-07-08
·
Updated
2024-08-09
·
CVE-2024-42249
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue arises from the incorrect call to
spi maybe unoptimize message() in spi async(), which can corrupt the message while it is being used by the controller driver. This is because the message is likely to be in the queue and not transferred yet. The function spi maybe unoptimize message() is already called in the correct place in spi finalize current message() to balance the call to spi maybe optimize message() in spi async().Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel