References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

mtd: rawnand: serialize lock/unlock against other NAND operations

nand_lock() and nand_unlock() call into chip->ops.lock_area/unlock_area
without holding the NAND device lock. On controllers that implement
SET_FEATURES via multiple low-level PIO commands, these can race with
concurrent UBI/UBIFS background erase/write operations that hold the
device lock, resulting in cmd_pending conflicts on the NAND controller.

Add nand_get_device()/nand_release_device() around the lock/unlock
operations to serialize them against all other NAND controller access.

https://git.kernel.org/stable/c/5fd5c078af23cb353507aa522e09d557d7eaef04

https://git.kernel.org/stable/c/a80291e577b44593a724d6cd64c14337c78f194d

https://git.kernel.org/stable/c/bab2bc6e850a697a23b9e5f0e21bb8c187615e95

https://git.kernel.org/stable/c/ce5229e78078e437704157eb542f43a6f83b429b

https://git.kernel.org/stable/c/f25446e2c28939753d3b62d34dfda49952b2557d

https://git.kernel.org/stable/c/f71ce0ae5aefe39dd5b2f996c0e08550d2153ad2