CVE-2024-56771: mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information
Description
In the Linux kernel, the following vulnerability has been resolved:
mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information
These four chips:
* W25N512GW
* W25N01GW
* W25N01JW
* W25N02JW
all require a single bit of ECC strength and thus feature an on-die
Hamming-like ECC engine. There is no point in filling a ->get_status()
callback for them because the main ECC status bytes are located in
standard places, and retrieving the number of bitflips in case of
corrected chunk is both useless and unsupported (if there are bitflips,
then there is 1 at most, so no need to query the chip for that).
Without this change, a kernel warning triggers every time a bit flips.
Classification
CVE ID: CVE-2024-56771
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.48% (scored less or equal to compared to others)
EPSS Date: 2025-02-06 (when was this score calculated)
References
https://git.kernel.org/stable/c/234d5f75c3ae911b52c5e4442b8a87fbbd129836https://git.kernel.org/stable/c/fee9b240916df82a8b07aef0fdfe96785417a164