SB20240702112 - Infinite loop in Linux kernel arm mach-ep93xx
Published: July 2, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240702112
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Infinite loop (CVE-ID: CVE-2024-26751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the GPIO_LOOKUP_IDX() function in arch/arm/mach-ep93xx/core.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/9e200a06ae2abb321939693008290af32b33dd6e
- https://git.kernel.org/stable/c/999a8bb70da2946336327b4480824d1691cae1fa
- https://git.kernel.org/stable/c/70d92abbe29692a3de8697ae082c60f2d21ab482
- https://git.kernel.org/stable/c/eec6cbbfa1e8d685cc245cfd5626d0715a127a48
- https://git.kernel.org/stable/c/786f089086b505372fb3f4f008d57e7845fff0d8
- https://git.kernel.org/stable/c/97ba7c1f9c0a2401e644760d857b2386aa895997
- https://git.kernel.org/stable/c/6abe0895b63c20de06685c8544b908c7e413efa8
- https://git.kernel.org/stable/c/fdf87a0dc26d0550c60edc911cda42f9afec3557
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.308
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.211
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.150
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.270
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.80
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.19
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8