CVE-2024-26593
i2c: i801: Fix block process call transactions
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
23 fev 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
i2c: i801: Fix block process call transactions
According to the Intel datasheets, software must reset the block
buffer index twice for block process call transactions: once before
writing the outgoing data to the buffer, and once again before
reading the incoming data from the buffer.
The driver is currently missing the second reset, causing the wrong
portion of the block buffer to be read.
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/1f8d0691c50581ba6043f009ec9e8b9f78f09d5ahttps://git.kernel.org/stable/c/491528935c9c48bf341d8b40eabc6c4fc5df6f2chttps://git.kernel.org/stable/c/609c7c1cc976e740d0fed4dbeec688b3ecb5dce2https://git.kernel.org/stable/c/6be99c51829b24c914cef5bff6164877178e84d9https://git.kernel.org/stable/c/7a14b8a477b88607d157c24aeb23e7389ec3319fhttps://git.kernel.org/stable/c/c1c9d0f6f7f1dbf29db996bd8e166242843a5f21https://git.kernel.org/stable/c/d074d5ff5ae77b18300e5079c6bda6342a4d44b7https://lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/