In the Linux kernel, the following vulnerability has been resolved:
HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
The flag I2C_HID_READ_PENDING is used to serialize I2C operations.
However, this is not necessary, because I2C core already has its own
locking for that.
More importantly, this flag can cause a lock-up: if the flag is set in
i2c_hid_xfer() and an interrupt happens, the interrupt handler
(i2c_hid_irq) will check this flag and return immediately without doing
anything, then the interrupt handler will be invoked again in an
infinite loop.
Since interrupt handler is an RT task, it takes over the CPU and the
flag-clearing task never gets scheduled, thus we have a lock-up.
Delete this unnecessary flag.
References
Configurations
Configuration 1 (hide)
|
History
05 Nov 2024, 10:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Jul 2024, 02:02
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-400 |
27 Jun 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Jun 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
24 May 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-667 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
References | () https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1 - Patch | |
References | () https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401 - Patch | |
References | () https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722 - Patch | |
References | () https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497 - Patch | |
References | () https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22 - Patch | |
References | () https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e - Patch | |
References | () https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8 - Patch | |
References | () https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003 - Patch | |
Summary |
|
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
First Time |
Linux linux Kernel
Linux |
20 May 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-20 10:15
Updated : 2024-11-05 10:17
NVD link : CVE-2024-35997
Mitre link : CVE-2024-35997
CVE.ORG link : CVE-2024-35997
JSON object : View
Products Affected
linux
- linux_kernel