PT-2024-9956 · Linux+3 · Linux Kernel+3
Théo Lebrun · Published 2024-01-24 · Updated 2026-05-26 · CVE-2024-26807
CVSS v2.0: 6.8 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is in the cadence-quadspi driver in the Linux kernel. The ->runtime_suspend() and ->runtime_resume() implementations start with incorrect assignments, leading to memory corruption and kernel crashes. The line struct spi_controller *host = dev_get_drvdata(dev); is incorrect: it makes host point to the same struct cqspi_st structure as cqspi, instead of a struct spi_controller. The corruption and crashes occur directly during the ->probe() function, because probe enables the device using PM runtime, which causes the ->runtime_resume() hook to be called, which in turn calls spi_controller_resume() with the wrong pointer.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
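The pointer mix-up from the description, as a userspace model added here for illustration (not the driver's code): the buggy hook treats the driver-data pointer as the controller, while the corrected hook follows the host member of the driver state. Every *_model name, the magic values and the type-tag check are assumptions of this example; the tag check exists only so the wrong pointer is rejected observably instead of being written through.

```c
#include <stdio.h>
/* Userspace model; all *_model names and magic values are constructed stand-ins. */
#define CTLR_MAGIC  0x53504943u
#define CQSPI_MAGIC 0x51535049u

struct hdr_model        { unsigned magic; };   /* type tag, always first member */
struct controller_model { struct hdr_model hdr; int resumed; };
struct cqspi_model      { struct hdr_model hdr; struct controller_model *host; };
struct device_model     { void *drvdata; };
static void *get_drvdata(struct device_model *dev) { return dev->drvdata; }

/* Stand-in for spi_controller_resume(): verify the tag before touching the object. */
static int controller_resume(struct controller_model *ctlr)
{
    const struct hdr_model *h = (const struct hdr_model *)ctlr;
    if (h->magic != CTLR_MAGIC)
        return -1;              /* mistyped pointer: refuse instead of corrupting */
    ctlr->resumed = 1;
    return 0;
}

/* Buggy hook: void * converts silently, so the compiler raises no diagnostic. */
static int runtime_resume_buggy(struct device_model *dev)
{
    struct controller_model *host = get_drvdata(dev);  /* really a cqspi_model */
    return controller_resume(host);
}

/* Corrected hook: recover the driver state, then follow its host member. */
static int runtime_resume_fixed(struct device_model *dev)
{
    struct cqspi_model *cqspi = get_drvdata(dev);
    return controller_resume(cqspi->host);
}

/* Builds the constructed objects and runs one hook; returns the hook's result. */
static int run_hook(int use_fixed)
{
    struct controller_model ctlr = { { CTLR_MAGIC }, 0 };
    struct cqspi_model cqspi = { { CQSPI_MAGIC }, &ctlr };
    struct device_model dev = { &cqspi };   /* drvdata holds the driver state */
    return use_fixed ? runtime_resume_fixed(&dev) : runtime_resume_buggy(&dev);
}

int main(void)
{
    printf("buggy=%d fixed=%d\n", run_hook(0), run_hook(1));
    return 0;
}
```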
Exploit
DoS
Memory Corruption
Use After Free
Improper Locking
NULL Pointer Dereference
Buffer Overflow
Untrusted Pointer Dereference
Infinite Loop
Related Identifiers
Affected Products
Debian
Linux Kernel
Red Os
Suse