In the Linux kernel, the following vulnerability has been resolved:
spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
If the value of max_speed_hz is 0, it may cause a division by zero
error in hisi_calc_effective_speed().
The value of max_speed_hz is provided by firmware.
Firmware is generally considered as a trusted domain. However, as
division by zero errors can cause system failure, for defense measure,
the value of max_speed is validated here. So 0 is regarded as invalid
and an error code is returned.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2024-10-09 15:15
Updated : 2024-10-23 16:47
NVD link : CVE-2024-47664
Mitre link : CVE-2024-47664
CVE.ORG link : CVE-2024-47664
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-369
Divide By Zero