{"id":"CVE-2024-47666","summary":"scsi: pm80xx: Set phy-\u003eenable_completion only when we wait for it","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Set phy-\u003eenable_completion only when we wait for it\n\npm8001_phy_control() populates the enable_completion pointer with a stack\naddress, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and\nreturns. The problem arises when a phy control response comes late.  After\n300 ms the pm8001_phy_control() function returns and the passed\nenable_completion stack address is no longer valid. Late phy control\nresponse invokes complete() on a dangling enable_completion pointer which\nleads to a kernel crash.","modified":"2026-04-02T12:20:11.251063Z","published":"2024-10-09T14:13:58.849Z","related":["SUSE-SU-2024:4314-1","SUSE-SU-2024:4316-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4387-1","SUSE-SU-2025:0201-1","SUSE-SU-2025:0201-2","SUSE-SU-2025:0229-1","SUSE-SU-2025:0236-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47666.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/7b1d779647afaea9185fa2f150b1721e7c1aae89"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a5d954802bda1aabcba49633cd94bad91c94113f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ddc501f4130f4baa787cb6cfa309af697179f475"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e23ee0cc5bded07e700553aecc333bb20c768546"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e4f949ef1516c0d74745ee54a0f4882c1f6c7aea"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f14d3e1aa613311c744af32d75125e95fc8ffb84"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47666.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47666"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"869ddbdcae3b4fb83b99889abae31544c149b210"},{"fixed":"ddc501f4130f4baa787cb6cfa309af697179f475"},{"fixed":"a5d954802bda1aabcba49633cd94bad91c94113f"},{"fixed":"e23ee0cc5bded07e700553aecc333bb20c768546"},{"fixed":"7b1d779647afaea9185fa2f150b1721e7c1aae89"},{"fixed":"f14d3e1aa613311c744af32d75125e95fc8ffb84"},{"fixed":"e4f949ef1516c0d74745ee54a0f4882c1f6c7aea"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47666.json"}}],"schema_version":"1.7.5"}