CVE-2024-27028

spi: spi-mt65xx: Fix NULL pointer access in interrupt handler

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupt
handler may end up writing to the invalid memory and cause crashes. Add a check to trans->tx_buf before using it.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: spi: spi-mt65xx: corrige el acceso al puntero NULL en el controlador de interrupciones. El búfer TX en spi_transfer puede ser un puntero NULL, por lo que el controlador de interrupciones puede terminar escribiendo en la memoria no válida y causar accidentes. Agregue una marca a trans->tx_buf antes de usarlo.

In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a check to trans->tx_buf before using it.

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

Low

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-05-01 CVE Published
2024-12-19 CVE Updated
2025-03-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (12)

URL	Tag	Source
https://git.kernel.org/stable/c/1ce24864bff40e11500a699789412115fdf244bf	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/2342b05ec5342a519e00524a507f7a6ea6791a38	2024-03-26
https://git.kernel.org/stable/c/55f8ea6731aa64871ee6aef7dba53ee9f9f3b2f6	2024-03-26
https://git.kernel.org/stable/c/bcfcdf19698024565eff427706ebbd8df65abd11	2024-03-26
https://git.kernel.org/stable/c/c10fed329c1c104f375a75ed97ea3abef0786d62	2024-03-26
https://git.kernel.org/stable/c/766ec94cc57492eab97cbbf1595bd516ab0cb0e4	2024-03-26
https://git.kernel.org/stable/c/62b1f837b15cf3ec2835724bdf8577e47d14c753	2024-03-26
https://git.kernel.org/stable/c/bea82355df9e1c299625405b1947fc9b26b4c6d4	2024-03-26
https://git.kernel.org/stable/c/1784053cf10a14c4ebd8a890bad5cfe1bee51713	2024-03-26
https://git.kernel.org/stable/c/a20ad45008a7c82f1184dc6dee280096009ece55	2024-03-21

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 4.19.311 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 4.19.311"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.4.273 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.4.273"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.10.214 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.10.214"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.15.153 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.15.153"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.1.83 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.1.83"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.6.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.6.23"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.7.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.7.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.8.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.8.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.9"		en		Affected