CVE-2024-35984

Summary

In the Linux kernel, the following vulnerability has been resolved:

i2c: smbus: fix NULL function pointer dereference

Baruch reported an OOPS when using the designware controller as target only. Target-only modes break the assumption of one transfer function always being available. Fix this by always checking the pointer in __i2c_transfer.

[wsa: dropped the simplification in core-smbus to avoid theoretical regressions]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux63453b59e41173241c4efe9335815f6432fa8586 < 40f1d79f07b49c8a64a861706e5163f2db4bd95daffected
LinuxLinux63453b59e41173241c4efe9335815f6432fa8586 < ad3c3ac7a03be3697114f781193dd3e9d97e6e23affected
LinuxLinux63453b59e41173241c4efe9335815f6432fa8586 < 5fd72404587d7db4acb2d241fd8c387afb0a7aecaffected
LinuxLinux63453b59e41173241c4efe9335815f6432fa8586 < 5a09eae9a7db597fe0c1fc91636205b4a25d2620affected
LinuxLinux63453b59e41173241c4efe9335815f6432fa8586 < 4e75e222d397c6752b229ed72fc4644c8c36ecdeaffected
LinuxLinux63453b59e41173241c4efe9335815f6432fa8586 < e3425674ff68dc521c57c6eabad0cbd20a027d85affected
LinuxLinux63453b59e41173241c4efe9335815f6432fa8586 < 357c64ef1ef39b1e7cd91ab6bdd304d043702c83affected
LinuxLinux63453b59e41173241c4efe9335815f6432fa8586 < 91811a31b68d3765b3065f4bb6d7d6d84a7cfc9faffected
LinuxLinux4.19affected
LinuxLinux0 < 4.19unaffected
LinuxLinux4.19.313 <= 4.19.*unaffected
LinuxLinux5.4.275 <= 5.4.*unaffected
LinuxLinux5.10.216 <= 5.10.*unaffected
LinuxLinux5.15.158 <= 5.15.*unaffected
LinuxLinux6.1.90 <= 6.1.*unaffected
LinuxLinux6.6.30 <= 6.6.*unaffected
LinuxLinux6.8.9 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References