In the Linux kernel, the following vulnerability has been resolved:
spi: microchip-core: ensure TX and RX FIFOs are empty at start of a
transfer
While transmitting with rx_len == 0, the RX FIFO is not going to be
emptied in the interrupt handler. A subsequent transfer could then
read crap from the previous transfer out of the RX FIFO into the
start RX buffer. The core provides a register that will empty the RX and
TX FIFOs, so do that before each transfer.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gke | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-hwe-6.8 | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-ibm | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-intel | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-lowlatency | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-lowlatency-hwe-6.8 | < any | UNKNOWN |
git.kernel.org/linus/9cf71eb0faef4bff01df4264841b8465382d7927 (6.11-rc1)
git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80
git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75
git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927
launchpad.net/bugs/cve/CVE-2024-42279
nvd.nist.gov/vuln/detail/CVE-2024-42279
security-tracker.debian.org/tracker/CVE-2024-42279
www.cve.org/CVERecord?id=CVE-2024-42279