Release Date: | 2024-02-22 |
In the Linux kernel, the following vulnerability has been resolved:\ni2c: i801: Fix block process call transactions\nAccording to the Intel datasheets, software must reset the block\nbuffer index twice for block process call transactions: once before\nwriting the outgoing data to the buffer, and once again before\nreading the incoming data from the buffer.\nThe driver is currently missing the second reset, causing the wrong\nportion of the block buffer to be read.
See more information about CVE-2024-26593 from MITRE CVE dictionary and NIST NVD
NOTE: The following CVSS v3.0 metrics and score provided are preliminary and subject to review.
Base Score: | 4.4 | Base Metrics: | AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
Access Vector: | Local network | Attack Complexity: | Low |
Privileges Required: | High | User Interaction: | None |
Scope: | Unchanged | Confidentiality Impact: | None |
Integrity Impact: | None | Availability Impact: | High |
Platform | Errata | Release Date |
Oracle Linux version 9 (kernel) | ELSA-2024-2394 | 2024-05-02 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team