In the Linux kernel, the following vulnerability has been resolved:
spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
If the value of max_speed_hz is 0, it may cause a division by zero
error in hisi_calc_effective_speed().
The value of max_speed_hz is provided by firmware.
Firmware is generally considered as a trusted domain. However, as
division by zero errors can cause system failure, for defense measure,
the value of max_speed is validated here. So 0 is regarded as invalid
and an error code is returned.
Metrics
Affected Vendors & Products
References
History
Wed, 23 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | CWE-369 | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:* |
|
Vendors & Products |
Linux
Linux linux Kernel |
Wed, 23 Oct 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-20 |
Thu, 10 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 10 Oct 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Wed, 09 Oct 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware If the value of max_speed_hz is 0, it may cause a division by zero error in hisi_calc_effective_speed(). The value of max_speed_hz is provided by firmware. Firmware is generally considered as a trusted domain. However, as division by zero errors can cause system failure, for defense measure, the value of max_speed is validated here. So 0 is regarded as invalid and an error code is returned. | |
Title | spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware | |
References |
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-10-09T14:13:57.337Z
Updated: 2024-12-19T09:25:17.005Z
Reserved: 2024-09-30T16:00:12.936Z
Link: CVE-2024-47664
Vulnrichment
Updated: 2024-10-10T13:22:16.913Z
NVD
Status : Analyzed
Published: 2024-10-09T15:15:15.223
Modified: 2024-10-23T16:47:35.643
Link: CVE-2024-47664
Redhat