Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-m4mj-cjt5-a3g4
Vulnerability ID VCID-m4mj-cjt5-a3g4
Aliases CVE-2024-42279
Summary In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rx_len == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the previous transfer out of the RX FIFO into the start RX buffer. The core provides a register that will empty the RX and TX FIFOs, so do that before each transfer.
Status Published
Exploitability 0.5
Weighted Severity 5.2
Risk 2.6
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-459 Incomplete Cleanup
System Score Found at
cvssv3 5.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42279.json
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-42279
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-42279
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-42279
cvssv3.1 5.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc Track https://git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80
ssvc Track https://git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75
ssvc Track https://git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42279.json
https://api.first.org/data/v1/epss?cve=CVE-2024-42279
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2305424 https://bugzilla.redhat.com/show_bug.cgi?id=2305424
3feda3677e8bbe833c3a62a4091377a08f015b80 https://git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80
45e03d35229b680b79dfea1103a1f2f07d0b5d75 https://git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75
9cf71eb0faef4bff01df4264841b8465382d7927 https://git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927
USN-7154-1 https://usn.ubuntu.com/7154-1/
USN-7154-2 https://usn.ubuntu.com/7154-2/
USN-7155-1 https://usn.ubuntu.com/7155-1/
USN-7156-1 https://usn.ubuntu.com/7156-1/
USN-7196-1 https://usn.ubuntu.com/7196-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42279.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:11:42Z/ Found at https://git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:11:42Z/ Found at https://git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:11:42Z/ Found at https://git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927
Exploit Prediction Scoring System (EPSS)
Percentile 0.04936
EPSS Score 0.00018
Published At June 5, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:51:16.650080+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0