CVE-2024-47664
- Source
- https://cve.org/CVERecord?id=CVE-2024-47664
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47664.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-47664
- Downstream
- Related
- Published
- 2024-10-09T14:13:57.337Z
- Modified
- 2026-03-20T12:38:02.564036Z
- Summary
- spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
If the value of maxspeedhz is 0, it may cause a division by zero error in hisicalceffectivespeed(). The value of maxspeedhz is provided by firmware. Firmware is generally considered as a trusted domain. However, as division by zero errors can cause system failure, for defense measure, the value of maxspeed is validated here. So 0 is regarded as invalid and an error code is returned.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47664.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/16ccaf581da4fcf1e4d66086cf37263f9a656d43
- https://git.kernel.org/stable/c/5127c42c77de18651aa9e8e0a3ced190103b449c
- https://git.kernel.org/stable/c/ee73a15d4a8ce8fb02d7866f7cf78fcdd16f0fcc
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47664.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-47664
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git