CVE-2024-42279

spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer

EPSS 0.2%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

17 Aug 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rx_len == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the previous transfer out of the RX FIFO into the start RX buffer. The core provides a register that will empty the RX and TX FIFOs, so do that before each transfer.

Affected products

Linux · Linux

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80 https://git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75 https://git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927