CVE-2024-42092
Published: Jul 29, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs Value of pdata->gpio_unbanked is taken from Device Tree. In case of broken DT due to any error this value can be any. Without this value validation there can be out of chips->irqs array boundaries access in davinci_gpio_probe(). Validate the obtained nirq value so that it won't exceed the maximum number of IRQs per bank. Found by Linux Verification Center (linuxtesting.org) with SVACE.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected eb3744a2dd01cb07ce9f556d56d6fe451f0c313a - < a8d78984fdc105bc1a38b73e98d32b1bc4222684affected eb3744a2dd01cb07ce9f556d56d6fe451f0c313a - < cd75721984337c38a12aeca33ba301d31ca4b3fdaffected eb3744a2dd01cb07ce9f556d56d6fe451f0c313a - < e44a83bf15c4db053ac6dfe96a23af184c9136d9affected eb3744a2dd01cb07ce9f556d56d6fe451f0c313a - < 70b48899f3f23f98a52c5b1060aefbdc7ba7957baffected eb3744a2dd01cb07ce9f556d56d6fe451f0c313a - < 89d7008af4945808677662a630643b5ea89c6e8d+3 more versions |
Linux | Linux | affected 4.19unaffected 0 - < 4.19unaffected 4.19.317 - <= 4.19.*unaffected 5.4.279 - <= 5.4.*unaffected 5.10.221 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now