Wind River Support Network

HomeDefectsLIN1023-3785
Fixed

LIN1023-3785 : Security Advisory - linux - CVE-2024-26593

Created: Feb 25, 2024    Updated: Apr 23, 2024
Resolved Date: Mar 8, 2024
Found In Version: 10.23.30.1
Fix Version: 10.23.30.8
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

i2c: i801: Fix block process call transactions

According to the Intel datasheets, software must reset the block
buffer index twice for block process call transactions: once before
writing the outgoing data to the buffer, and once again before
reading the incoming data from the buffer.

The driver is currently missing the second reset, causing the wrong
portion of the block buffer to be read.

CREATE(Triage):(User=admin) CVE-2024-26593 (https://nvd.nist.gov/vuln/detail/CVE-2024-26593)

CVEs


Live chat
Online