CVE-2024-26593

{"id": "CVE-2024-26593", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2024-02-23T10:15:07.943", "references": [{"url": "https://git.kernel.org/stable/c/1f8d0691c50581ba6043f009ec9e8b9f78f09d5a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/491528935c9c48bf341d8b40eabc6c4fc5df6f2c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/609c7c1cc976e740d0fed4dbeec688b3ecb5dce2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/6be99c51829b24c914cef5bff6164877178e84d9", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7a14b8a477b88607d157c24aeb23e7389ec3319f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c1c9d0f6f7f1dbf29db996bd8e166242843a5f21", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d074d5ff5ae77b18300e5079c6bda6342a4d44b7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Fix block process call transactions\n\nAccording to the Intel datasheets, software must reset the block\nbuffer index twice for block process call transactions: once before\nwriting the outgoing data to the buffer, and once again before\nreading the incoming data from the buffer.\n\nThe driver is currently missing the second reset, causing the wrong\nportion of the block buffer to be read."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: i801: Reparar transacciones de llamada de proceso de bloque Seg\u00fan las hojas de datos de Intel, el software debe restablecer el \u00edndice del b\u00fafer de bloque dos veces para transacciones de llamada de proceso de bloque: una vez antes de escribir los datos salientes en el b\u00fafer , y una vez m\u00e1s antes de leer los datos entrantes del b\u00fafer. Actualmente, al controlador le falta el segundo reinicio, lo que provoca que se lea la parte incorrecta del b\u00fafer de bloque."}], "lastModified": "2024-06-25T23:15:24.260", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8603678A-7C83-4A0B-93B2-98A5623111BB", "versionEndExcluding": "5.4.269", "versionStartIncluding": "5.3.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B39742A2-A0C1-490C-95CC-FB78D6D70698", "versionEndExcluding": "5.10.210", "versionStartIncluding": "5.5.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6FB1C44-BEEE-4D31-AD44-E15806EA6249", "versionEndExcluding": "5.15.149", "versionStartIncluding": "5.11.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B0A907E-1010-4294-AEFE-0EB5684AF52C", "versionEndExcluding": "6.1.79", "versionStartIncluding": "5.16.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5CC150E-F35C-4CF7-ADF5-422D32C511C2", "versionEndExcluding": "6.6.18", "versionStartIncluding": "6.2.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C8D1FAD-4D5D-4A25-B058-2AD15082710E", "versionEndExcluding": "6.7.6", "versionStartIncluding": "6.7.0"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}