106 matches found
CVE-2024-26806
A vulnerability was found in the spi: cadence-qspi driver in the Linux kernel, where improper system-wide suspend helper calls were made in the runtime Power Management PM hooks. This issue could lead to unintended behavior during system suspend/resume cycles. Mitigation Mitigation for this issue...
CVE-2024-26807
A vulnerability was found in the Cadence Quad SPI cadence-qspi driver in the Linux kernel. Improper pointer reference handling in the runtime Power Management PM hooks could lead to system instability or potential security risks. Mitigation Mitigation for this issue is either not available or the...
CVE-2024-26807
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...
CVE-2024-26806
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
UBUNTU-CVE-2024-26806
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
CVE-2024-26807 spi: cadence-qspi: fix pointer reference in runtime PM hooks
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...
CVE-2024-26807
CVE-2024-26807 is a Linux kernel issue in the cadence-quadspi driver where the runtime suspend/resume paths incorrectly retrieve a spi_controller pointer via dev_get_drvdata, potentially using a cqspi_st instead of a spi_controller. This mismatch can cause memory corruption and kernel crashes dur...
CVE-2024-26807 spi: cadence-qspi: fix pointer reference in runtime PM hooks
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...
CVE-2024-26806 spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
CVE-2024-26806 spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
CVE-2024-26806 spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
CVE-2024-26806
CVE-2024-26806 : In the Linux kernel, the cadence-qspi driver’s runtime PM hooks were calling spi_controller_suspend()/resume(), which was not expected and could cause a deadlock when the bus lock is held. The fix removes these calls from cadence-qspi, since cadence-qspi is not queued, and notes ...
CVE-2024-26806
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
CVE-2024-26806
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove calls to those in the...
CVE-2024-26807
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...
GSD-2023-1000104 clk: qcom: gdsc: Remove direct runtime PM calls
clk: qcom: gdsc: Remove direct runtime PM calls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.12 by commit...
PT-2023-33181 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue concerns the removal of direct runtime PM calls in the Linux Kernel. It was introduced in version v5.16 and fixed in version v6.0.12. The actual impact and attack plausibility have...
GSD-2022-1004418 dmaengine: qcom: bam_dma: fix runtime PM underflow
dmaengine: qcom: bamdma: fix runtime PM underflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.54 by commit...
GSD-2022-1004202 dmaengine: qcom: bam_dma: fix runtime PM underflow
dmaengine: qcom: bamdma: fix runtime PM underflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.11 by commit...
GSD-2021-1001049 drm/tegra: sor: Do not leak runtime PM reference
drm/tegra: sor: Do not leak runtime PM reference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.12 by commit...