CVE-2024-26966
clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
01 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
The frequency table arrays are supposed to be terminated with an
empty element. Add such entry to the end of the arrays where it
is missing in order to avoid possible out-of-bound access when
the table is traversed by functions like qcom_find_freq() or
qcom_find_freq_floor().
Only compile tested.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/185de0b7cdeaad8b89ebd4c8a258ff2f21adba99https://git.kernel.org/stable/c/3aedcf3755c74dafc187eb76acb04e3e6348b1a9https://git.kernel.org/stable/c/5533686e99b04994d7c4877dc0e4282adc9444a2https://git.kernel.org/stable/c/5638330150db2cc30b53eed04e481062faa3ece8https://git.kernel.org/stable/c/7e5432401536117c316d7f3b21d46b64c1514f38https://git.kernel.org/stable/c/9b4c4546dd61950e80ffdca1bf6925f42b665b03https://git.kernel.org/stable/c/a09aecb6cb482de88301c43bf00a6c8726c4d34fhttps://git.kernel.org/stable/c/a903cfd38d8dee7e754fb89fd1bebed99e28003dhttps://git.kernel.org/stable/c/b2dfb216f32627c2f6a8041f2d9d56d102ab87c0https://lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlhttps://lists.debian.org/debian-lts-announce/2024/06/msg00020.html