CVE - CVE-2024-27028

CVE-ID
CVE-2024-27028	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a check to trans->tx_buf before using it.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/1784053cf10a14c4ebd8a890bad5cfe1bee51713 URL:https://git.kernel.org/stable/c/1784053cf10a14c4ebd8a890bad5cfe1bee51713 MISC:https://git.kernel.org/stable/c/2342b05ec5342a519e00524a507f7a6ea6791a38 URL:https://git.kernel.org/stable/c/2342b05ec5342a519e00524a507f7a6ea6791a38 MISC:https://git.kernel.org/stable/c/55f8ea6731aa64871ee6aef7dba53ee9f9f3b2f6 URL:https://git.kernel.org/stable/c/55f8ea6731aa64871ee6aef7dba53ee9f9f3b2f6 MISC:https://git.kernel.org/stable/c/62b1f837b15cf3ec2835724bdf8577e47d14c753 URL:https://git.kernel.org/stable/c/62b1f837b15cf3ec2835724bdf8577e47d14c753 MISC:https://git.kernel.org/stable/c/766ec94cc57492eab97cbbf1595bd516ab0cb0e4 URL:https://git.kernel.org/stable/c/766ec94cc57492eab97cbbf1595bd516ab0cb0e4 MISC:https://git.kernel.org/stable/c/a20ad45008a7c82f1184dc6dee280096009ece55 URL:https://git.kernel.org/stable/c/a20ad45008a7c82f1184dc6dee280096009ece55 MISC:https://git.kernel.org/stable/c/bcfcdf19698024565eff427706ebbd8df65abd11 URL:https://git.kernel.org/stable/c/bcfcdf19698024565eff427706ebbd8df65abd11 MISC:https://git.kernel.org/stable/c/bea82355df9e1c299625405b1947fc9b26b4c6d4 URL:https://git.kernel.org/stable/c/bea82355df9e1c299625405b1947fc9b26b4c6d4 MISC:https://git.kernel.org/stable/c/c10fed329c1c104f375a75ed97ea3abef0786d62 URL:https://git.kernel.org/stable/c/c10fed329c1c104f375a75ed97ea3abef0786d62 MLIST:[debian-lts-announce] 20240625 [SECURITY] [DLA 3842-1] linux-5.10 security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Assigning CNA
kernel.org
Date Record Created
20240219	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240219)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.