CVE-2024-42249

Aug. 7, 2024, 7:09 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the controller driver. spi_maybe_unoptimize_message() is already called in the correct place in spi_finalize_current_message() to balance the call to spi_maybe_optimize_message() in spi_async().

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/8b9af6d67517ce4a0015928b3cf35bfd2b1bc1c2
https://git.kernel.org/stable/c/c86a918b1bdba78fb155184f8d88dfba1e63335d

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-08-07
CVE-2024-42249

Timeline

Published: Aug. 7, 2024, 4:15 p.m.
Last Modified: Aug. 7, 2024, 7:09 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.