CVE-2024-50224

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50224
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50224.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50224
Downstream
Related
Published
2024-11-09T10:14:35Z
Modified
2025-10-15T02:24:21.489309Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
spi: spi-fsl-dspi: Fix crash when not using GPIO chip select
Details

In the Linux kernel, the following vulnerability has been resolved:

spi: spi-fsl-dspi: Fix crash when not using GPIO chip select

Add check for the return value of spigetcsgpiod() to avoid passing a NULL pointer to gpioddirectionoutput(), preventing a crash when GPIO chip select is not used.

Fix below crash: [ 4.251960] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 4.260762] Mem abort info: [ 4.263556] ESR = 0x0000000096000004 [ 4.267308] EC = 0x25: DABT (current EL), IL = 32 bits [ 4.272624] SET = 0, FnV = 0 [ 4.275681] EA = 0, S1PTW = 0 [ 4.278822] FSC = 0x04: level 0 translation fault [ 4.283704] Data abort info: [ 4.286583] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 4.292074] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 4.297130] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 4.302445] [0000000000000000] user address but activemm is swapper [ 4.308805] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP [ 4.315072] Modules linked in: [ 4.318124] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc4-next-20241023-00008-ga20ec42c5fc1 #359 [ 4.328130] Hardware name: LS1046A QDS Board (DT) [ 4.332832] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 4.339794] pc : gpioddirectionoutput+0x34/0x5c [ 4.344505] lr : gpioddirectionoutput+0x18/0x5c [ 4.349208] sp : ffff80008003b8f0 [ 4.352517] x29: ffff80008003b8f0 x28: 0000000000000000 x27: ffffc96bcc7e9068 [ 4.359659] x26: ffffc96bcc6e00b0 x25: ffffc96bcc598398 x24: ffff447400132810 [ 4.366800] x23: 0000000000000000 x22: 0000000011e1a300 x21: 0000000000020002 [ 4.373940] x20: 0000000000000000 x19: 0000000000000000 x18: ffffffffffffffff [ 4.381081] x17: ffff44740016e600 x16: 0000000500000003 x15: 0000000000000007 [ 4.388221] x14: 0000000000989680 x13: 0000000000020000 x12: 000000000000001e [ 4.395362] x11: 0044b82fa09b5a53 x10: 0000000000000019 x9 : 0000000000000008 [ 4.402502] x8 : 0000000000000002 x7 : 0000000000000007 x6 : 0000000000000000 [ 4.409641] x5 : 0000000000000200 x4 : 0000000002000000 x3 : 0000000000000000 [ 4.416781] x2 : 0000000000022202 x1 : 0000000000000000 x0 : 0000000000000000 [ 4.423921] Call trace: [ 4.426362] gpioddirectionoutput+0x34/0x5c (P) [ 4.431067] gpioddirectionoutput+0x18/0x5c (L) [ 4.435771] dspisetup+0x220/0x334

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9e264f3f85a56cc109cc2d6010a48aa89d5c1ff1
Fixed
e79c1f1c9100b4adc91c6512985db2cc961aafaa
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9e264f3f85a56cc109cc2d6010a48aa89d5c1ff1
Fixed
89f74c968319d040739d6238e1c3a4caa16a5a00
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9e264f3f85a56cc109cc2d6010a48aa89d5c1ff1
Fixed
25f00a13dccf8e45441265768de46c8bf58e08f6

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.11.6
v6.12-rc1
v6.12-rc2
v6.3
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific 

{
    "vanir_signatures": [
        {
            "target": {
                "file": "drivers/spi/spi-fsl-dspi.c",
                "function": "dspi_setup"
            },
            "id": "CVE-2024-50224-34c4f13c",
            "digest": {
                "length": 1810.0,
                "function_hash": "140663731483850380016777866863330767122"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89f74c968319d040739d6238e1c3a4caa16a5a00",
            "signature_type": "Function"
        },
        {
            "target": {
                "file": "drivers/spi/spi-fsl-dspi.c",
                "function": "dspi_setup"
            },
            "id": "CVE-2024-50224-41d55f83",
            "digest": {
                "length": 1810.0,
                "function_hash": "140663731483850380016777866863330767122"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@25f00a13dccf8e45441265768de46c8bf58e08f6",
            "signature_type": "Function"
        },
        {
            "target": {
                "file": "drivers/spi/spi-fsl-dspi.c",
                "function": "dspi_setup"
            },
            "id": "CVE-2024-50224-5049b0c4",
            "digest": {
                "length": 1623.0,
                "function_hash": "52568274953081832370424437871741650958"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e79c1f1c9100b4adc91c6512985db2cc961aafaa",
            "signature_type": "Function"
        },
        {
            "target": {
                "file": "drivers/spi/spi-fsl-dspi.c"
            },
            "id": "CVE-2024-50224-5cd64ba4",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "181906527719839326354444626569997440905",
                    "59626284138080083177609239037203589188",
                    "264987330339826151851174138140490885968",
                    "328089730494604167085119020915201578097",
                    "51706042208306581271250541377250822151",
                    "148152825169654610951439523117000536333",
                    "289374058373972186001278062772983899052",
                    "88763641477023879390967498971417448112"
                ]
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89f74c968319d040739d6238e1c3a4caa16a5a00",
            "signature_type": "Line"
        },
        {
            "target": {
                "file": "drivers/spi/spi-fsl-dspi.c"
            },
            "id": "CVE-2024-50224-697e91d4",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "181906527719839326354444626569997440905",
                    "59626284138080083177609239037203589188",
                    "264987330339826151851174138140490885968",
                    "328089730494604167085119020915201578097",
                    "51706042208306581271250541377250822151",
                    "148152825169654610951439523117000536333",
                    "289374058373972186001278062772983899052",
                    "88763641477023879390967498971417448112"
                ]
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e79c1f1c9100b4adc91c6512985db2cc961aafaa",
            "signature_type": "Line"
        },
        {
            "target": {
                "file": "drivers/spi/spi-fsl-dspi.c"
            },
            "id": "CVE-2024-50224-b613eab5",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "181906527719839326354444626569997440905",
                    "59626284138080083177609239037203589188",
                    "264987330339826151851174138140490885968",
                    "328089730494604167085119020915201578097",
                    "51706042208306581271250541377250822151",
                    "148152825169654610951439523117000536333",
                    "289374058373972186001278062772983899052",
                    "88763641477023879390967498971417448112"
                ]
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@25f00a13dccf8e45441265768de46c8bf58e08f6",
            "signature_type": "Line"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.4.0
Fixed
6.6.60
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.7