Description

In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the controller driver. spi_maybe_unoptimize_message() is already called in the correct place in spi_finalize_current_message() to balance the call to spi_maybe_optimize_message() in spi_async().

INFO

Published Date :

2024-08-07T15:14:33.418Z

Last Modified :

2025-05-04T09:25:04.122Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-42249 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-42249.

URL Resource
https://git.kernel.org/stable/c/8b9af6d67517ce4a0015928b3cf35bfd2b1bc1c2 cve-icon cve-icon
https://git.kernel.org/stable/c/c86a918b1bdba78fb155184f8d88dfba1e63335d cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024080742-CVE-2024-42249-ada7@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-42249 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-42249 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact