CVE-2024-47664

Published: Oct 9, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware If the value of max_speed_hz is 0, it may cause a division by zero error in hisi_calc_effective_speed(). The value of max_speed_hz is provided by firmware. Firmware is generally considered as a trusted domain. However, as division by zero errors can cause system failure, for defense measure, the value of max_speed is validated here. So 0 is regarded as invalid and an error code is returned.

Vendor	Product	Versions
Linux	Linux	affected `c770d8631e1810d8f1ce21b18ad5dd67eeb39e5c - < 16ccaf581da4fcf1e4d66086cf37263f9a656d43` affected `c770d8631e1810d8f1ce21b18ad5dd67eeb39e5c - < ee73a15d4a8ce8fb02d7866f7cf78fcdd16f0fcc` affected `c770d8631e1810d8f1ce21b18ad5dd67eeb39e5c - < 5127c42c77de18651aa9e8e0a3ced190103b449c`
Linux	Linux	affected `5.13` unaffected `0 - < 5.13` unaffected `6.6.51 - <= 6.6.` unaffected `6.10.10 - <= 6.10.` unaffected `6.11 - <= *`

References

https://git.kernel.org/stable/c/16ccaf581da4fcf1e4d66086cf37263f9a656d43

https://git.kernel.org/stable/c/ee73a15d4a8ce8fb02d7866f7cf78fcdd16f0fcc

https://git.kernel.org/stable/c/5127c42c77de18651aa9e8e0a3ced190103b449c

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-47664

Description

Affected Products

References