CVE-2024-26842
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-26842
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26842.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-26842
- Related
- Published
- 2024-04-17T10:15:09Z
- Modified
- 2024-09-18T03:26:04.937133Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: ufs: core: Fix shift issue in ufshcdclearcmd()
When tasktag >= 32 (in MCQ mode) and sizeof(unsigned int) == 4, 1U << tasktag will out of bounds for a u32 mask. Fix this up to prevent SHIFT_ISSUE (bitwise shifts that are out of bounds for their data type).
[name:debugmonitors&]Unexpected kernel BRK exception at EL1 [name:traps&]Internal error: BRK handler: 00000000f2005514 [#1] PREEMPT SMP [name:mediatekcpufreqhw&]cpufreq stop DVFS log done [name:mrdump&]Kernel Offset: 0x1ba5800000 from 0xffffffc008000000 [name:mrdump&]PHYSOFFSET: 0x80000000 [name:mrdump&]pstate: 22400005 (nzCv daif +PAN -UAO) [name:mrdump&]pc : [0xffffffdbaf52bb2c] ufshcdclearcmd+0x280/0x288 [name:mrdump&]lr : [0xffffffdbaf52a774] ufshcdwaitfordevcmd+0x3e4/0x82c [name:mrdump&]sp : ffffffc0081471b0 <snip> Workqueue: ufsehwq0 ufshcderrhandler Call trace: dumpbacktrace+0xf8/0x144 showstack+0x18/0x24 dumpstacklvl+0x78/0x9c dumpstack+0x18/0x44 mrdumpcommondie+0x254/0x480 [mrdump] ipanicdie+0x20/0x30 [mrdump] notifydie+0x15c/0x204 die+0x10c/0x5f8 arm64notifydie+0x74/0x13c dodebugexception+0x164/0x26c el1dbg+0x64/0x80 el1h64synchandler+0x3c/0x90 el1h64sync+0x68/0x6c ufshcdclearcmd+0x280/0x288 ufshcdwaitfordevcmd+0x3e4/0x82c ufshcdexecdevcmd+0x5bc/0x9ac ufshcdverifydevinit+0x84/0x1c8 ufshcdprobehba+0x724/0x1ce0 ufshcdhostresetandrestore+0x260/0x574 ufshcdresetandrestore+0x138/0xbd0 ufshcderrhandler+0x1218/0x2f28 processonework+0x5fc/0x1140 workerthread+0x7d8/0xe20 kthread+0x25c/0x468 retfromfork+0x10/0x20
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
6.*
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.7.7-1