Executive Summary

Informations
Name CVE-2024-26806 First vendor Publication 2024-04-04
Vendor Cve Last vendor Modification 2025-03-27

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 5.5
Base Score 5.5 Environmental Score 5.5
impact SubScore 3.6 Temporal Score 5.5
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks

The ->runtime_suspend() and ->runtime_resume() callbacks are not expected to call spi_controller_suspend() and spi_controller_resume(). Remove calls to those in the cadence-qspi driver.

Those helpers have two roles currently:
- They stop/start the queue, including dealing with the kworker.
- They toggle the SPI controller SPI_CONTROLLER_SUSPENDED flag. It
requires acquiring ctlr->bus_lock_mutex.

Step one is irrelevant because cadence-qspi is not queued. Step two however has two implications:
- A deadlock occurs, because ->runtime_resume() is called in a context
where the lock is already taken (in the ->exec_op() callback, where
the usage count is incremented).
- It would disallow all operations once the device is auto-suspended.

Here is a brief call tree highlighting the mutex deadlock:

spi_mem_exec_op()
...
spi_mem_access_start()
mutex_lock(&ctlr->bus_lock_mutex)

cqspi_exec_mem_op()
pm_runtime_resume_and_get()
cqspi_resume()
spi_controller_resume()
mutex_lock(&ctlr->bus_lock_mutex)
...

spi_mem_access_end()
mutex_unlock(&ctlr->bus_lock_mutex)
...

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26806

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-667 Insufficient Locking

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Os 3647

Sources (Detail)

https://git.kernel.org/stable/c/041562ebc4759c9932b59a06527f8753b86da365
https://git.kernel.org/stable/c/959043afe53ae80633e810416cee6076da6e91c6
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2025-03-28 17:21:35
  • Multiple Updates
2025-03-28 13:41:26
  • Multiple Updates
2025-03-28 00:21:31
  • Multiple Updates
2024-11-25 09:26:16
  • Multiple Updates
2024-04-04 17:27:26
  • Multiple Updates
2024-04-04 13:27:24
  • First insertion