CVE-2021-47098

hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations

Severity Score

6.0

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations

Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of
temperature calculations") addressed a number of underflow situations
when writing temperature limits. However, it missed one situation, seen
when an attempt is made to set the hysteresis value to MAX_LONG and the
critical temperature limit is negative.

Use clamp_val() when setting the hysteresis temperature to ensure that
the provided value can never overflow or underflow.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (lm90) Previene el desbordamiento/desbordamiento insuficiente de enteros en los cálculos de histéresis del commit b50aa49638c7 ("hwmon: (lm90) Evita el desbordamiento insuficiente de enteros en los cálculos de temperatura") abordó una serie de situaciones de desbordamiento insuficiente al escribir. límites de temperatura. Sin embargo, omitió una situación, vista cuando se intenta establecer el valor de histéresis en MAX_LONG y el límite de temperatura crítica es negativo. Utilice abrazadera_val() al configurar la temperatura de histéresis para garantizar que el valor proporcionado nunca pueda desbordarse o subestimarse.

*Credits: N/A

CVSS Scores

Red Hatv3.1 6.0

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-29 CVE Reserved
2024-03-04 CVE Published
2024-03-05 EPSS Updated
2024-11-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-190: Integer Overflow or Wraparound

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/b50aa49638c7e12abf4ecc483f4e928c5cccc1b0	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/d105f30bea9104c590a9e5b495cb8a49bdfe405f	2021-12-29
https://git.kernel.org/stable/c/55840b9eae5367b5d5b29619dc2fb7e4596dba46	2021-12-13

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2021-47098	2024-11-12
https://bugzilla.redhat.com/show_bug.cgi?id=2267920	2024-11-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.14 < 5.15.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.15.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.14 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.16"		en		Affected