ghsa-8hgx-89h7-3vhm
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
arm64: dts: imx8ulp: correct the flexspi compatible string
The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error:
[ 1.119072] ------------[ cut here ]------------ [ 1.123926] WARNING: CPU: 0 PID: 1 at drivers/spi/spi-nxp-fspi.c:855 nxp_fspi_exec_op+0xb04/0xb64 [ 1.133239] Modules linked in: [ 1.136448] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.11.0-rc6-next-20240902-00001-g131bf9439dd9 #69 [ 1.146821] Hardware name: NXP i.MX8ULP EVK (DT) [ 1.151647] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 1.158931] pc : nxp_fspi_exec_op+0xb04/0xb64 [ 1.163496] lr : nxp_fspi_exec_op+0xa34/0xb64 [ 1.168060] sp : ffff80008002b2a0 [ 1.171526] x29: ffff80008002b2d0 x28: 0000000000000000 x27: 0000000000000000 [ 1.179002] x26: ffff2eb645542580 x25: ffff800080610014 x24: ffff800080610000 [ 1.186480] x23: ffff2eb645548080 x22: 0000000000000006 x21: ffff2eb6455425e0 [ 1.193956] x20: 0000000000000000 x19: ffff80008002b5e0 x18: ffffffffffffffff [ 1.201432] x17: ffff2eb644467508 x16: 0000000000000138 x15: 0000000000000002 [ 1.208907] x14: 0000000000000000 x13: ffff2eb6400d8080 x12: 00000000ffffff00 [ 1.216378] x11: 0000000000000000 x10: ffff2eb6400d8080 x9 : ffff2eb697adca80 [ 1.223850] x8 : ffff2eb697ad3cc0 x7 : 0000000100000000 x6 : 0000000000000001 [ 1.231324] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 00000000000007a6 [ 1.238795] x2 : 0000000000000000 x1 : 00000000000001ce x0 : 00000000ffffff92 [ 1.246267] Call trace: [ 1.248824] nxp_fspi_exec_op+0xb04/0xb64 [ 1.253031] spi_mem_exec_op+0x3a0/0x430 [ 1.257139] spi_nor_read_id+0x80/0xcc [ 1.261065] spi_nor_scan+0x1ec/0xf10 [ 1.264901] spi_nor_probe+0x108/0x2fc [ 1.268828] spi_mem_probe+0x6c/0xbc [ 1.272574] spi_probe+0x84/0xe4 [ 1.275958] really_probe+0xbc/0x29c [ 1.279713] __driver_probe_device+0x78/0x12c [ 1.284277] driver_probe_device+0xd8/0x15c [ 1.288660] __device_attach_driver+0xb8/0x134 [ 1.293316] bus_for_each_drv+0x88/0xe8 [ 1.297337] __device_attach+0xa0/0x190 [ 1.301353] device_initial_probe+0x14/0x20 [ 1.305734] bus_probe_device+0xac/0xb0 [ 1.309752] device_add+0x5d0/0x790 [ 1.313408] __spi_add_device+0x134/0x204 [ 1.317606] of_register_spi_device+0x3b4/0x590 [ 1.322348] spi_register_controller+0x47c/0x754 [ 1.327181] devm_spi_register_controller+0x4c/0xa4 [ 1.332289] nxp_fspi_probe+0x1cc/0x2b0 [ 1.336307] platform_probe+0x68/0xc4 [ 1.340145] really_probe+0xbc/0x29c [ 1.343893] __driver_probe_device+0x78/0x12c [ 1.348457] driver_probe_device+0xd8/0x15c [ 1.352838] __driver_attach+0x90/0x19c [ 1.356857] bus_for_each_dev+0x7c/0xdc [ 1.360877] driver_attach+0x24/0x30 [ 1.364624] bus_add_driver+0xe4/0x208 [ 1.368552] driver_register+0x5c/0x124 [ 1.372573] __platform_driver_register+0x28/0x34 [ 1.377497] nxp_fspi_driver_init+0x1c/0x28 [ 1.381888] do_one_initcall+0x80/0x1c8 [ 1.385908] kernel_init_freeable+0x1c4/0x28c [ 1.390472] kernel_init+0x20/0x1d8 [ 1.394138] ret_from_fork+0x10/0x20 [ 1.397885] ---[ end trace 0000000000000000 ]--- [ 1.407908] ------------[ cut here ]------------
{
"affected": [],
"aliases": [
"CVE-2024-53046"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-19T18:15:24Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: dts: imx8ulp: correct the flexspi compatible string\n\nThe flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has\n32 LUTs, so correct the compatible string here, otherwise will\nmeet below error:\n\n[ 1.119072] ------------[ cut here ]------------\n[ 1.123926] WARNING: CPU: 0 PID: 1 at drivers/spi/spi-nxp-fspi.c:855 nxp_fspi_exec_op+0xb04/0xb64\n[ 1.133239] Modules linked in:\n[ 1.136448] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.11.0-rc6-next-20240902-00001-g131bf9439dd9 #69\n[ 1.146821] Hardware name: NXP i.MX8ULP EVK (DT)\n[ 1.151647] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 1.158931] pc : nxp_fspi_exec_op+0xb04/0xb64\n[ 1.163496] lr : nxp_fspi_exec_op+0xa34/0xb64\n[ 1.168060] sp : ffff80008002b2a0\n[ 1.171526] x29: ffff80008002b2d0 x28: 0000000000000000 x27: 0000000000000000\n[ 1.179002] x26: ffff2eb645542580 x25: ffff800080610014 x24: ffff800080610000\n[ 1.186480] x23: ffff2eb645548080 x22: 0000000000000006 x21: ffff2eb6455425e0\n[ 1.193956] x20: 0000000000000000 x19: ffff80008002b5e0 x18: ffffffffffffffff\n[ 1.201432] x17: ffff2eb644467508 x16: 0000000000000138 x15: 0000000000000002\n[ 1.208907] x14: 0000000000000000 x13: ffff2eb6400d8080 x12: 00000000ffffff00\n[ 1.216378] x11: 0000000000000000 x10: ffff2eb6400d8080 x9 : ffff2eb697adca80\n[ 1.223850] x8 : ffff2eb697ad3cc0 x7 : 0000000100000000 x6 : 0000000000000001\n[ 1.231324] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 00000000000007a6\n[ 1.238795] x2 : 0000000000000000 x1 : 00000000000001ce x0 : 00000000ffffff92\n[ 1.246267] Call trace:\n[ 1.248824] nxp_fspi_exec_op+0xb04/0xb64\n[ 1.253031] spi_mem_exec_op+0x3a0/0x430\n[ 1.257139] spi_nor_read_id+0x80/0xcc\n[ 1.261065] spi_nor_scan+0x1ec/0xf10\n[ 1.264901] spi_nor_probe+0x108/0x2fc\n[ 1.268828] spi_mem_probe+0x6c/0xbc\n[ 1.272574] spi_probe+0x84/0xe4\n[ 1.275958] really_probe+0xbc/0x29c\n[ 1.279713] __driver_probe_device+0x78/0x12c\n[ 1.284277] driver_probe_device+0xd8/0x15c\n[ 1.288660] __device_attach_driver+0xb8/0x134\n[ 1.293316] bus_for_each_drv+0x88/0xe8\n[ 1.297337] __device_attach+0xa0/0x190\n[ 1.301353] device_initial_probe+0x14/0x20\n[ 1.305734] bus_probe_device+0xac/0xb0\n[ 1.309752] device_add+0x5d0/0x790\n[ 1.313408] __spi_add_device+0x134/0x204\n[ 1.317606] of_register_spi_device+0x3b4/0x590\n[ 1.322348] spi_register_controller+0x47c/0x754\n[ 1.327181] devm_spi_register_controller+0x4c/0xa4\n[ 1.332289] nxp_fspi_probe+0x1cc/0x2b0\n[ 1.336307] platform_probe+0x68/0xc4\n[ 1.340145] really_probe+0xbc/0x29c\n[ 1.343893] __driver_probe_device+0x78/0x12c\n[ 1.348457] driver_probe_device+0xd8/0x15c\n[ 1.352838] __driver_attach+0x90/0x19c\n[ 1.356857] bus_for_each_dev+0x7c/0xdc\n[ 1.360877] driver_attach+0x24/0x30\n[ 1.364624] bus_add_driver+0xe4/0x208\n[ 1.368552] driver_register+0x5c/0x124\n[ 1.372573] __platform_driver_register+0x28/0x34\n[ 1.377497] nxp_fspi_driver_init+0x1c/0x28\n[ 1.381888] do_one_initcall+0x80/0x1c8\n[ 1.385908] kernel_init_freeable+0x1c4/0x28c\n[ 1.390472] kernel_init+0x20/0x1d8\n[ 1.394138] ret_from_fork+0x10/0x20\n[ 1.397885] ---[ end trace 0000000000000000 ]---\n[ 1.407908] ------------[ cut here ]------------",
"id": "GHSA-8hgx-89h7-3vhm",
"modified": "2024-11-27T21:32:43Z",
"published": "2024-11-19T18:31:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53046"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/409dc5196d5b6eb67468a06bf4d2d07d7225a67b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c3c02fa6a560b3af7999a067cd387970f4b3f1fa"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e3fb0e6afcc399660770428a35162b4880e2e14e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.