CVE-2024-47664 in Linux
Summary
by MITRE • 10/09/2024
In the Linux kernel, the following vulnerability has been resolved:
spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
If the value of max_speed_hz is 0, it may cause a division by zero error in hisi_calc_effective_speed(). The value of max_speed_hz is provided by firmware. Firmware is generally considered as a trusted domain. However, as division by zero errors can cause system failure, for defense measure, the value of max_speed is validated here. So 0 is regarded as invalid and an error code is returned.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 03/20/2026
The vulnerability identified as CVE-2024-47664 resides within the Linux kernel's SPI subsystem, specifically affecting the hisi-kunpeng driver implementation. This driver manages SPI communication for HiSilicon Kunpeng SoC platforms, which are commonly utilized in enterprise and data center environments. The issue manifests when the driver processes configuration data provided by firmware, particularly the max_speed_hz parameter that defines the maximum SPI clock frequency. The vulnerability stems from insufficient input validation of firmware-provided parameters, creating a potential system stability risk that could be exploited through malicious firmware manipulation or unexpected hardware behavior.
The technical flaw occurs in the hisi_calc_effective_speed() function where division operations are performed without proper validation of the max_speed_hz parameter. When firmware provides a value of zero for max_speed_hz, the calculation logic triggers a division by zero error, which fundamentally crashes the kernel execution context. This type of error represents a classic security vulnerability pattern where unvalidated input leads to system instability and potential denial of service conditions. The vulnerability is classified under CWE-369 as "Division by Zero" and specifically relates to improper validation of untrusted input data from firmware sources.
The operational impact of this vulnerability extends beyond simple system crashes, as it affects the reliability and availability of SPI-based communication channels in embedded systems and server platforms. The hisi-kunpeng driver is typically used for critical system components including storage controllers, network interfaces, and sensor systems that require reliable SPI communication. A successful exploitation of this vulnerability could result in complete system failure, requiring manual intervention for recovery and potentially leading to extended downtime in production environments. The risk is particularly concerning because firmware is generally treated as a trusted component within the system architecture, making this vulnerability a prime example of how trusted inputs can become attack vectors when not properly validated.
The mitigation strategy implemented in the fix involves adding explicit validation checks for the max_speed_hz parameter before any calculation operations are performed. The solution specifically rejects zero values as invalid input and returns appropriate error codes to prevent the kernel from proceeding with potentially dangerous operations. This defensive programming approach aligns with the principle of least privilege and input validation commonly recommended in the ATT&CK framework under the technique of "Input Validation" and "Defense Evasion". The fix ensures that even if malicious firmware attempts to provide invalid parameters, the kernel will gracefully handle the situation rather than crashing. This vulnerability demonstrates the critical importance of validating all inputs from potentially untrusted sources, including firmware components, as highlighted in industry best practices for kernel security and secure system design principles.