CVE-2024-35997

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the i2c hid xfer() function in the i2c-hid component of the Linux kernel. The problem arises when the I2C HID READ PENDING flag is set and an interrupt occurs, causing the interrupt handler i2c hid irq to return immediately without taking any action. This leads to the interrupt handler being invoked again in an infinite loop, resulting in a lock-up. The I2C HID READ PENDING flag is used to serialize I2C operations, but it is not necessary because the I2C core already has its own locking mechanism.

Recommendations To resolve the issue, remove the I2C HID READ PENDING flag to prevent lock-up. As a temporary workaround, consider disabling the i2c hid xfer() function until a patch is available. Restrict access to the i2c-hid component to minimize the risk of exploitation. Avoid using the I2C HID READ PENDING flag in the affected API endpoints until the issue is resolved. Update to a newer version of the Linux kernel, such as version 6.6.37, which fixes bugs and vulnerabilities, including this issue.