In the Linux kernel, the following vulnerability has been resolved:
spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer
While transmitting with rx_len == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the previous transfer out of the RX FIFO into the start RX buffer. The core provides a register that will empty the RX and TX FIFOs, so do that before each transfer.
{ "vanir_signatures": [ { "digest": { "length": 682.0, "function_hash": "3796881681205280688975234769492803394" }, "target": { "function": "mchp_corespi_transfer_one", "file": "drivers/spi/spi-microchip-core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9cf71eb0faef4bff01df4264841b8465382d7927", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-42279-3ab4e662" }, { "digest": { "length": 682.0, "function_hash": "3796881681205280688975234769492803394" }, "target": { "function": "mchp_corespi_transfer_one", "file": "drivers/spi/spi-microchip-core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3feda3677e8bbe833c3a62a4091377a08f015b80", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-42279-466d6735" }, { "digest": { "line_hashes": [ "57722032789339676395240469758218821737", "237390146636945599543940258558576012292", "160638258125066624630039937228019330206", "82935917437904656425383259101510640820", "112016826328585269979819743698829307049", "257442368456788240496364330544911128473" ], "threshold": 0.9 }, "target": { "file": "drivers/spi/spi-microchip-core.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3feda3677e8bbe833c3a62a4091377a08f015b80", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-42279-57b64af6" }, { "digest": { "line_hashes": [ "57722032789339676395240469758218821737", "237390146636945599543940258558576012292", "160638258125066624630039937228019330206", "82935917437904656425383259101510640820", "112016826328585269979819743698829307049", "257442368456788240496364330544911128473" ], "threshold": 0.9 }, "target": { "file": "drivers/spi/spi-microchip-core.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9cf71eb0faef4bff01df4264841b8465382d7927", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-42279-d700fa17" } ] }