CVE-2022-49173

Summary

In the Linux kernel, the following vulnerability has been resolved:

spi: fsi: Implement a timeout for polling status

The data transfer routines must poll the status register to determine when more data can be shifted in or out. If the hardware gets into a bad state, these polling loops may never exit. Prevent this by returning an error if a timeout is exceeded.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbbb6b2f9865b3ed23eb457131b9ea541a3173a66 < d4982ceb137e6ecd2b466a6de639790a148cf19aaffected
LinuxLinuxbbb6b2f9865b3ed23eb457131b9ea541a3173a66 < dac1438f347d3b8cf892105c94e254f29c5764deaffected
LinuxLinuxbbb6b2f9865b3ed23eb457131b9ea541a3173a66 < 89b35e3f28514087d3f1e28e8f5634fbfd07c554affected
LinuxLinux5.7affected
LinuxLinux0 < 5.7unaffected
LinuxLinux5.16.19 <= 5.16.*unaffected
LinuxLinux5.17.2 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

References