{"id":"CVE-2024-42249","summary":"spi: don't unoptimize message in spi_async()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nspi: don't unoptimize message in spi_async()\n\nCalling spi_maybe_unoptimize_message() in spi_async() is wrong because\nthe message is likely to be in the queue and not transferred yet. This\ncan corrupt the message while it is being used by the controller driver.\n\nspi_maybe_unoptimize_message() is already called in the correct place\nin spi_finalize_current_message() to balance the call to\nspi_maybe_optimize_message() in spi_async().","modified":"2026-05-18T05:56:07.278238355Z","published":"2024-08-07T15:14:33.418Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42249.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/8b9af6d67517ce4a0015928b3cf35bfd2b1bc1c2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c86a918b1bdba78fb155184f8d88dfba1e63335d"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42249.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-42249"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7b1d87af14d9ae902ed0c5dc5fabf4eea5abdf02"},{"fixed":"8b9af6d67517ce4a0015928b3cf35bfd2b1bc1c2"},{"fixed":"c86a918b1bdba78fb155184f8d88dfba1e63335d"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42249.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.9.0"},{"fixed":"6.9.10"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42249.json"}}],"schema_version":"1.7.5"}