In the Linux kernel, the following vulnerability has been resolved:
spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
If the value of max_speed_hz is 0, it may cause a division by zero
error in hisi_calc_effective_speed().
The value of max_speed_hz is provided by firmware.
Firmware is generally considered as a trusted domain. However, as
division by zero errors can cause system failure, for defense measure,
the value of max_speed is validated here. So 0 is regarded as invalid
and an error code is returned.
References
Configurations
Configuration 1 (hide)
|
History
23 Oct 2024, 16:47
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-369 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
References | () https://git.kernel.org/stable/c/16ccaf581da4fcf1e4d66086cf37263f9a656d43 - Patch | |
References | () https://git.kernel.org/stable/c/5127c42c77de18651aa9e8e0a3ced190103b449c - Patch | |
References | () https://git.kernel.org/stable/c/ee73a15d4a8ce8fb02d7866f7cf78fcdd16f0fcc - Patch | |
First Time |
Linux linux Kernel
Linux |
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:* |
10 Oct 2024, 12:51
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Oct 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-09 15:15
Updated : 2024-10-23 16:47
NVD link : CVE-2024-47664
Mitre link : CVE-2024-47664
CVE.ORG link : CVE-2024-47664
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-369
Divide By Zero