CVE-2024-35997 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking for that. More importantly, this flag can cause a lock-up: if the flag is set in i2c_hid_xfer() and an interrupt happens, the interrupt handler (i2c_hid_irq) will check this flag and return immediately without doing anything, then the interrupt handler will be invoked again in an infinite loop. Since interrupt handler is an RT task, it takes over the CPU and the flag-clearing task never gets scheduled, thus we have a lock-up. Delete this unnecessary flag.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1
https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401
https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722
https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497
https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22
https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e
https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8
https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lore.kernel.org/linux-cve-announce/2024052022-CVE-2024-35997-1a3c@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-35997
https://www.cve.org/CVERecord?id=CVE-2024-35997

History

Thu, 16 Jan 2025 21:45:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-400

Thu, 16 Jan 2025 21:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:linux:linux_kernel:-:::::::*
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-20T09:48:00.363Z

Updated: 2025-05-04T09:10:11.851Z

Reserved: 2024-05-17T13:50:33.148Z

Link: CVE-2024-35997

Vulnrichment

Updated: 2024-08-02T03:30:12.481Z

NVD

Status : Modified

Published: 2024-05-20T10:15:13.960

Modified: 2025-01-16T21:15:15.603

Link: CVE-2024-35997

Redhat

Severity : Low

Publid Date: 2024-05-20T00:00:00Z

Links: CVE-2024-35997 - Bugzilla

Show plain JSON

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35997", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.148Z", "datePublished": "2024-05-20T09:48:00.363Z", "dateUpdated": "2025-05-04T09:10:11.851Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:10:11.851Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/hid/i2c-hid/i2c-hid-core.c"], "versions": [{"version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "21bfca822cfc1e71796124e93b46e0d9fa584401", "status": "affected", "versionType": "git"}, {"version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "c448a9fd50f77e8fb9156ff64848aa4295eb3003", "status": "affected", "versionType": "git"}, {"version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "5095b93021b899f54c9355bebf36d78854c33a22", "status": "affected", "versionType": "git"}, {"version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "b65fb50e04a95eec34a9d1bc138454a98a5578d8", "status": "affected", "versionType": "git"}, {"version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "0561b65fbd53d3e788c5b0222d9112ca016fd6a1", "status": "affected", "versionType": "git"}, {"version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "29e94f295bad5be59cf4271a93e22cdcf5536722", "status": "affected", "versionType": "git"}, {"version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "418c5575d56410c6e186ab727bf32ae32447d497", "status": "affected", "versionType": "git"}, {"version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/hid/i2c-hid/i2c-hid-core.c"], "versions": [{"version": "3.8", "status": "affected"}, {"version": "0", "lessThan": "3.8", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.313", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.275", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.216", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.158", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.90", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.30", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.9", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8", "versionEndExcluding": "4.19.313"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8", "versionEndExcluding": "5.4.275"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8", "versionEndExcluding": "5.10.216"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8", "versionEndExcluding": "5.15.158"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8", "versionEndExcluding": "6.1.90"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8", "versionEndExcluding": "6.6.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8", "versionEndExcluding": "6.8.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401"}, {"url": "https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003"}, {"url": "https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22"}, {"url": "https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8"}, {"url": "https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1"}, {"url": "https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722"}, {"url": "https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497"}, {"url": "https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e"}], "title": "HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4a200c3b9a40", "status": "affected", "lessThan": "c448a9fd50f7", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4a200c3b9a40", "status": "affected", "lessThan": "b65fb50e04a9", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4a200c3b9a40", "status": "affected", "lessThan": "5095b93021b8", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4a200c3b9a40", "status": "affected", "lessThan": "21bfca822cfc", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4a200c3b9a40", "status": "affected", "lessThan": "29e94f295bad", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4a200c3b9a40", "status": "affected", "lessThan": "418c5575d564", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4a200c3b9a40", "status": "affected", "lessThanOrEqual": "9c0f59e47a90", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "3.8", "status": "affected"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "unaffected", "lessThan": "3.8", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4.19.313", "status": "unaffected", "lessThanOrEqual": "4.20", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.4.275", "status": "unaffected", "lessThanOrEqual": "5.5", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.10.216", "status": "unaffected", "lessThanOrEqual": "5.11", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.15.158", "status": "unaffected", "lessThanOrEqual": "5.16", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.1.90", "status": "unaffected", "lessThanOrEqual": "6.2", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.6.30", "status": "unaffected", "lessThanOrEqual": "6.7", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.8.9", "status": "unaffected", "lessThanOrEqual": "6.9", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.9", "status": "unaffected"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "0561b65fbd53", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-16T21:06:56.094266Z", "id": "CVE-2024-35997", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T21:08:33.482Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:30:12.481Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

cveMetadata : { »

cveId : CVE-2024-35997 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-05-17T13:50:33.148Z (string)

datePublished : 2024-05-20T09:48:00.363Z (string)

dateUpdated : 2025-05-04T09:10:11.851Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T09:10:11.851Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking for that. More importantly, this flag can cause a lock-up: if the flag is set in i2c_hid_xfer() and an interrupt happens, the interrupt handler (i2c_hid_irq) will check this flag and return immediately without doing anything, then the interrupt handler will be invoked again in an infinite loop. Since interrupt handler is an RT task, it takes over the CPU and the flag-clearing task never gets scheduled, thus we have a lock-up. Delete this unnecessary flag. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/hid/i2c-hid/i2c-hid-core.c (string)

]

versions : [ »

0 : { »

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 21bfca822cfc1e71796124e93b46e0d9fa584401 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : c448a9fd50f77e8fb9156ff64848aa4295eb3003 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 5095b93021b899f54c9355bebf36d78854c33a22 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : b65fb50e04a95eec34a9d1bc138454a98a5578d8 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 0561b65fbd53d3e788c5b0222d9112ca016fd6a1 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 29e94f295bad5be59cf4271a93e22cdcf5536722 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 418c5575d56410c6e186ab727bf32ae32447d497 (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/hid/i2c-hid/i2c-hid-core.c (string)

]

versions : [ »

0 : { »

version : 3.8 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 3.8 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.19.313 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.4.275 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.10.216 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 5.15.158 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 6.1.90 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.6.30 (string)

lessThanOrEqual : 6.6.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 6.8.9 (string)

lessThanOrEqual : 6.8.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 6.9 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.8 (string)

versionEndExcluding : 4.19.313 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.8 (string)

versionEndExcluding : 5.4.275 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.8 (string)

versionEndExcluding : 5.10.216 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.8 (string)

versionEndExcluding : 5.15.158 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.8 (string)

versionEndExcluding : 6.1.90 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.8 (string)

versionEndExcluding : 6.6.30 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.8 (string)

versionEndExcluding : 6.8.9 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 3.8 (string)

versionEndExcluding : 6.9 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (string)

}

]

title : HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

affected : [ »

0 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4a200c3b9a40 (string)

status : affected (string)

lessThan : c448a9fd50f7 (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4a200c3b9a40 (string)

status : affected (string)

lessThan : b65fb50e04a9 (string)

versionType : custom (string)

}

]

}

2 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4a200c3b9a40 (string)

status : affected (string)

lessThan : 5095b93021b8 (string)

versionType : custom (string)

}

]

}

3 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4a200c3b9a40 (string)

status : affected (string)

lessThan : 21bfca822cfc (string)

versionType : custom (string)

}

]

}

4 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4a200c3b9a40 (string)

status : affected (string)

lessThan : 29e94f295bad (string)

versionType : custom (string)

}

]

}

5 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4a200c3b9a40 (string)

status : affected (string)

lessThan : 418c5575d564 (string)

versionType : custom (string)

}

]

}

6 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4a200c3b9a40 (string)

status : affected (string)

lessThanOrEqual : 9c0f59e47a90 (string)

versionType : custom (string)

}

]

}

7 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 3.8 (string)

status : affected (string)

}

]

}

8 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : unaffected (string)

lessThan : 3.8 (string)

versionType : custom (string)

}

]

}

9 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4.19.313 (string)

status : unaffected (string)

lessThanOrEqual : 4.20 (string)

versionType : custom (string)

}

]

}

10 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 5.4.275 (string)

status : unaffected (string)

lessThanOrEqual : 5.5 (string)

versionType : custom (string)

}

]

}

11 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 5.10.216 (string)

status : unaffected (string)

lessThanOrEqual : 5.11 (string)

versionType : custom (string)

}

]

}

12 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 5.15.158 (string)

status : unaffected (string)

lessThanOrEqual : 5.16 (string)

versionType : custom (string)

}

]

}

13 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.1.90 (string)

status : unaffected (string)

lessThanOrEqual : 6.2 (string)

versionType : custom (string)

}

]

}

14 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.6.30 (string)

status : unaffected (string)

lessThanOrEqual : 6.7 (string)

versionType : custom (string)

}

]

}

15 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.8.9 (string)

status : unaffected (string)

lessThanOrEqual : 6.9 (string)

versionType : custom (string)

}

]

}

16 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.9 (string)

status : unaffected (string)

}

]

}

17 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : 0561b65fbd53 (string)

versionType : custom (string)

}

]

}

]

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2025-01-16T21:06:56.094266Z (string)

id : CVE-2024-35997 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-01-16T21:08:33.482Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T03:30:12.481Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

tags : [ »

0 : x_transferred (string)

]

}

9 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:30:12.481Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35997", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-16T21:06:56.094266Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "4a200c3b9a40", "lessThan": "c448a9fd50f7", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "4a200c3b9a40", "lessThan": "b65fb50e04a9", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "4a200c3b9a40", "lessThan": "5095b93021b8", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "4a200c3b9a40", "lessThan": "21bfca822cfc", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "4a200c3b9a40", "lessThan": "29e94f295bad", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "4a200c3b9a40", "lessThan": "418c5575d564", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "4a200c3b9a40", "versionType": "custom", "lessThanOrEqual": "9c0f59e47a90"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "3.8"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "0", "lessThan": "3.8", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "4.19.313", "versionType": "custom", "lessThanOrEqual": "4.20"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.4.275", "versionType": "custom", "lessThanOrEqual": "5.5"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.10.216", "versionType": "custom", "lessThanOrEqual": "5.11"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.15.158", "versionType": "custom", "lessThanOrEqual": "5.16"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "6.1.90", "versionType": "custom", "lessThanOrEqual": "6.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "6.6.30", "versionType": "custom", "lessThanOrEqual": "6.7"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "6.8.9", "versionType": "custom", "lessThanOrEqual": "6.9"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "6.9"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "0", "lessThan": "0561b65fbd53", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T19:11:17.552Z"}}], "cna": {"title": "HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "21bfca822cfc1e71796124e93b46e0d9fa584401", "versionType": "git"}, {"status": "affected", "version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "c448a9fd50f77e8fb9156ff64848aa4295eb3003", "versionType": "git"}, {"status": "affected", "version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "5095b93021b899f54c9355bebf36d78854c33a22", "versionType": "git"}, {"status": "affected", "version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "b65fb50e04a95eec34a9d1bc138454a98a5578d8", "versionType": "git"}, {"status": "affected", "version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "0561b65fbd53d3e788c5b0222d9112ca016fd6a1", "versionType": "git"}, {"status": "affected", "version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "29e94f295bad5be59cf4271a93e22cdcf5536722", "versionType": "git"}, {"status": "affected", "version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "418c5575d56410c6e186ab727bf32ae32447d497", "versionType": "git"}, {"status": "affected", "version": "4a200c3b9a40242652b5734630bdd0bcf3aca75f", "lessThan": "9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e", "versionType": "git"}], "programFiles": ["drivers/hid/i2c-hid/i2c-hid-core.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.8"}, {"status": "unaffected", "version": "0", "lessThan": "3.8", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.313", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.275", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.216", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.158", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.90", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.30", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.9", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/hid/i2c-hid/i2c-hid-core.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401"}, {"url": "https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003"}, {"url": "https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22"}, {"url": "https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8"}, {"url": "https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1"}, {"url": "https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722"}, {"url": "https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497"}, {"url": "https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.313", "versionStartIncluding": "3.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.275", "versionStartIncluding": "3.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.216", "versionStartIncluding": "3.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.158", "versionStartIncluding": "3.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.90", "versionStartIncluding": "3.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.30", "versionStartIncluding": "3.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.9", "versionStartIncluding": "3.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9", "versionStartIncluding": "3.8"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:10:11.851Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35997", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:10:11.851Z", "dateReserved": "2024-05-17T13:50:33.148Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-20T09:48:00.363Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

tags : [ »

0 : x_transferred (string)

]

}

9 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T03:30:12.481Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-35997 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2025-01-16T21:06:56.094266Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 4a200c3b9a40 (string)

lessThan : c448a9fd50f7 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

1 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 4a200c3b9a40 (string)

lessThan : b65fb50e04a9 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

2 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 4a200c3b9a40 (string)

lessThan : 5095b93021b8 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

3 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 4a200c3b9a40 (string)

lessThan : 21bfca822cfc (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

4 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 4a200c3b9a40 (string)

lessThan : 29e94f295bad (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

5 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 4a200c3b9a40 (string)

lessThan : 418c5575d564 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

6 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 4a200c3b9a40 (string)

versionType : custom (string)

lessThanOrEqual : 9c0f59e47a90 (string)

}

]

defaultStatus : unknown (string)

}

7 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 3.8 (string)

}

]

defaultStatus : unknown (string)

}

8 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 3.8 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

9 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 4.19.313 (string)

versionType : custom (string)

lessThanOrEqual : 4.20 (string)

}

]

defaultStatus : unknown (string)

}

10 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 5.4.275 (string)

versionType : custom (string)

lessThanOrEqual : 5.5 (string)

}

]

defaultStatus : unknown (string)

}

11 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 5.10.216 (string)

versionType : custom (string)

lessThanOrEqual : 5.11 (string)

}

]

defaultStatus : unknown (string)

}

12 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 5.15.158 (string)

versionType : custom (string)

lessThanOrEqual : 5.16 (string)

}

]

defaultStatus : unknown (string)

}

13 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 6.1.90 (string)

versionType : custom (string)

lessThanOrEqual : 6.2 (string)

}

]

defaultStatus : unknown (string)

}

14 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 6.6.30 (string)

versionType : custom (string)

lessThanOrEqual : 6.7 (string)

}

]

defaultStatus : unknown (string)

}

15 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 6.8.9 (string)

versionType : custom (string)

lessThanOrEqual : 6.9 (string)

}

]

defaultStatus : unknown (string)

}

16 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 6.9 (string)

}

]

defaultStatus : unknown (string)

}

17 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : 0561b65fbd53 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-12T19:11:17.552Z (string)

}

]

cna : { »

title : HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 21bfca822cfc1e71796124e93b46e0d9fa584401 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : c448a9fd50f77e8fb9156ff64848aa4295eb3003 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 5095b93021b899f54c9355bebf36d78854c33a22 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : b65fb50e04a95eec34a9d1bc138454a98a5578d8 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 0561b65fbd53d3e788c5b0222d9112ca016fd6a1 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 29e94f295bad5be59cf4271a93e22cdcf5536722 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 418c5575d56410c6e186ab727bf32ae32447d497 (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 4a200c3b9a40242652b5734630bdd0bcf3aca75f (string)

lessThan : 9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (string)

versionType : git (string)

}

]

programFiles : [ »

0 : drivers/hid/i2c-hid/i2c-hid-core.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 3.8 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 3.8 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.19.313 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

3 : { »

status : unaffected (string)

version : 5.4.275 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

4 : { »

status : unaffected (string)

version : 5.10.216 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

5 : { »

status : unaffected (string)

version : 5.15.158 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

6 : { »

status : unaffected (string)

version : 6.1.90 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

7 : { »

status : unaffected (string)

version : 6.6.30 (string)

versionType : semver (string)

lessThanOrEqual : 6.6.* (string)

}

8 : { »

status : unaffected (string)

version : 6.8.9 (string)

versionType : semver (string)

lessThanOrEqual : 6.8.* (string)

}

9 : { »

status : unaffected (string)

version : 6.9 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : drivers/hid/i2c-hid/i2c-hid-core.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.313 (string)

versionStartIncluding : 3.8 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.275 (string)

versionStartIncluding : 3.8 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.216 (string)

versionStartIncluding : 3.8 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.158 (string)

versionStartIncluding : 3.8 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.1.90 (string)

versionStartIncluding : 3.8 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.6.30 (string)

versionStartIncluding : 3.8 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.8.9 (string)

versionStartIncluding : 3.8 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.9 (string)

versionStartIncluding : 3.8 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T09:10:11.851Z (string)

}

cveMetadata : { »

cveId : CVE-2024-35997 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T09:10:11.851Z (string)

dateReserved : 2024-05-17T13:50:33.148Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-20T09:48:00.363Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FE032DD-45DE-45DB-86F3-04D82172342D", "versionEndExcluding": "4.19.313", "versionStartIncluding": "3.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5FF6D8DE-C559-4586-86C8-2C6B4420A2C2", "versionEndExcluding": "5.4.275", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27", "versionEndExcluding": "5.10.216", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED", "versionEndExcluding": "5.15.158", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3", "versionEndExcluding": "6.1.90", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5", "versionEndExcluding": "6.6.30", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612", "versionEndExcluding": "6.8.9", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: i2c-hid: elimine el indicador I2C_HID_READ_PENDING para evitar el bloqueo. El indicador I2C_HID_READ_PENDING se utiliza para serializar operaciones I2C. Sin embargo, esto no es necesario, porque el n\u00facleo I2C ya tiene su propio bloqueo para ello. M\u00e1s importante a\u00fan, este indicador puede causar un bloqueo: si el indicador est\u00e1 configurado en i2c_hid_xfer() y ocurre una interrupci\u00f3n, el controlador de interrupciones (i2c_hid_irq) verificar\u00e1 este indicador y regresar\u00e1 inmediatamente sin hacer nada, entonces se invocar\u00e1 el controlador de interrupciones. nuevamente en un bucle infinito. Dado que el controlador de interrupciones es una tarea RT, se hace cargo de la CPU y la tarea de limpieza de banderas nunca se programa, por lo que tenemos un bloqueo. Elimine esta bandera innecesaria."}], "id": "CVE-2024-35997", "lastModified": "2025-01-16T21:15:15.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-20T10:15:13.960", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4FE032DD-45DE-45DB-86F3-04D82172342D (string)

versionEndExcluding : 4.19.313 (string)

versionStartIncluding : 3.8 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5FF6D8DE-C559-4586-86C8-2C6B4420A2C2 (string)

versionEndExcluding : 5.4.275 (string)

versionStartIncluding : 4.20 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A44ABF89-F1BD-4C9A-895D-7596650DCD27 (string)

versionEndExcluding : 5.10.216 (string)

versionStartIncluding : 5.5 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 65D80EF6-76AF-4186-B680-55516EA42EED (string)

versionEndExcluding : 5.15.158 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 59CEDDCF-5C0D-4939-9CFE-2F4524892DD3 (string)

versionEndExcluding : 6.1.90 (string)

versionStartIncluding : 5.16 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 84046DAF-73CF-429D-9BA4-05B658B377B5 (string)

versionEndExcluding : 6.6.30 (string)

versionStartIncluding : 6.2 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5F9041E5-8358-4EF7-8F98-B812EDE49612 (string)

versionEndExcluding : 6.8.9 (string)

versionStartIncluding : 6.7 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: i2c-hid: elimine el indicador I2C_HID_READ_PENDING para evitar el bloqueo. El indicador I2C_HID_READ_PENDING se utiliza para serializar operaciones I2C. Sin embargo, esto no es necesario, porque el núcleo I2C ya tiene su propio bloqueo para ello. Más importante aún, este indicador puede causar un bloqueo: si el indicador está configurado en i2c_hid_xfer() y ocurre una interrupción, el controlador de interrupciones (i2c_hid_irq) verificará este indicador y regresará inmediatamente sin hacer nada, entonces se invocará el controlador de interrupciones. nuevamente en un bucle infinito. Dado que el controlador de interrupciones es una tarea RT, se hace cargo de la CPU y la tarea de limpieza de banderas nunca se programa, por lo que tenemos un bloqueo. Elimine esta bandera innecesaria. (string)

}

]

id : CVE-2024-35997 (string)

lastModified : 2025-01-16T21:15:15.603 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-05-20T10:15:13.960 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8 (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-667 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up", "id": "2281977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281977"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\nDelete this unnecessary flag."], "name": "CVE-2024-35997", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35997\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35997\nhttps://lore.kernel.org/linux-cve-announce/2024052022-CVE-2024-35997-1a3c@gregkh/T"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (string)

id : 2281977 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2281977 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 5.5 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

status : draft (string)

}

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking for that. More importantly, this flag can cause a lock-up: if the flag is set in i2c_hid_xfer() and an interrupt happens, the interrupt handler (i2c_hid_irq) will check this flag and return immediately without doing anything, then the interrupt handler will be invoked again in an infinite loop. Since interrupt handler is an RT task, it takes over the CPU and the flag-clearing task never gets scheduled, thus we have a lock-up. Delete this unnecessary flag. (string)

]

name : CVE-2024-35997 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-20T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2024-35997 https://nvd.nist.gov/vuln/detail/CVE-2024-35997 https://lore.kernel.org/linux-cve-announce/2024052022-CVE-2024-35997-1a3c@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object