CVE-2026-23202
- Source
- https://cve.org/CVERecord?id=CVE-2026-23202
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23202.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-23202
- Downstream
- Related
- Published
- 2026-02-14T16:27:26.365Z
- Modified
- 2026-04-02T17:30:15.214908258Z
- Summary
- spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
spi: tegra210-quad: Protect currxfer in tegraqspicombinedseq_xfer
The currxfer field is read by the IRQ handler without holding the lock to check if a transfer is in progress. When clearing currxfer in the combined sequence transfer loop, protect it with the spinlock to prevent a race with the interrupt handler.
Protect the currxfer clearing at the exit path of tegraqspicombinedseq_xfer() with the spinlock to prevent a race with the interrupt handler that reads this field.
Without this protection, the IRQ handler could read a partially updated curr_xfer value, leading to NULL pointer dereference or use-after-free.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23202.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/3bc293d5b56502068481478842f57b3d96e432c7
- https://git.kernel.org/stable/c/6fd446178a610a48e80e5c5b487b0707cd01daac
- https://git.kernel.org/stable/c/712cde8d916889e282727cdf304a43683adf899e
- https://git.kernel.org/stable/c/762e2ce71c8f0238e9eaf05d14da803d9a24422f
- https://git.kernel.org/stable/c/9fa4262a80f751d14a6a39d2c03f57db68da2618
- https://git.kernel.org/stable/c/bf4528ab28e2bf112c3a2cdef44fd13f007781cd
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23202.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23202
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced88db8bb7ed1bb474618acdf05ebd4f0758d244e2Fixed9fa4262a80f751d14a6a39d2c03f57db68da2618
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced83309dd551cfd60a5a1a98d9cab19f435b44d46dFixed762e2ce71c8f0238e9eaf05d14da803d9a24422f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc934e40246da2c5726d14e94719c514e30840df8Fixed712cde8d916889e282727cdf304a43683adf899e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced551060efb156c50fe33799038ba8145418cfdeefFixed6fd446178a610a48e80e5c5b487b0707cd01daac
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced01bbf25c767219b14c3235bfa85906b8d2cb8fbcFixed3bc293d5b56502068481478842f57b3d96e432c7
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb4e002d8a7cee3b1d70efad0e222567f92a73000Fixedbf4528ab28e2bf112c3a2cdef44fd13f007781cd
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedbb0c58be84f907285af45657c1d4847b960a12bf
Linux / Kernel
Package
- Name
- Kernel