CVE-2024-26664

hwmon: (coretemp) Fix out-of-bounds memory access

Severity Score

6.0

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check.
The problem might be triggered on systems with more than 128 cores per
package.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: hwmon: (coretemp) Arreglar el acceso a memoria fuera de los límites Arreglar un error que pdata->cpu_map[] está configurado antes de la verificación de los límites. El problema podría surgir en sistemas con más de 128 núcleos por paquete.

In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package.

It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service. Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Multiple

Confidentiality

Complete

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-04-02 CVE Published
2024-12-19 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-125: Out-of-bounds Read

CAPEC

References (18)

URL	Tag	Source
https://git.kernel.org/stable/c/4f9dcadc55c21b39b072bb0882362c7edc4340bc	Vuln. Introduced
https://git.kernel.org/stable/c/c00cdfc9bd767ee743ad3a4054de17aeb0afcbca	Vuln. Introduced
https://git.kernel.org/stable/c/d9f0159da05df869071164edf0c6d7302efc5eca	Vuln. Introduced
https://git.kernel.org/stable/c/30cf0dee372baf9b515f2d9c7218f905fddf3cdb	Vuln. Introduced
https://git.kernel.org/stable/c/7108b80a542b9d65e44b36d64a700a83658c0b73	Vuln. Introduced
https://git.kernel.org/stable/c/d1de8e1ae924d9dc31548676e4a665b52ebee27e	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/93f0f4e846fcb682c3ec436e3b2e30e5a3a8ee6a	2024-02-23
https://git.kernel.org/stable/c/1eb74c00c9c3b13cb65e508c5d5a2f11afb96b8b	2024-02-23
https://git.kernel.org/stable/c/f0da068c75c20ffc5ba28243ff577531dc2af1fd	2024-02-23
https://git.kernel.org/stable/c/a16afec8e83c56b14a4a73d2e3fb8eec3a8a057e	2024-02-23
https://git.kernel.org/stable/c/9bce69419271eb8b2b3ab467387cb59c99d80deb	2024-02-16
https://git.kernel.org/stable/c/853a6503c586a71abf27e60a7f8c4fb28092976d	2024-02-16
https://git.kernel.org/stable/c/3a7753bda55985dc26fae17795cb10d825453ad1	2024-02-16
https://git.kernel.org/stable/c/4e440abc894585a34c2904a32cd54af1742311b3	2024-02-04

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2024-26664	2024-11-12
https://bugzilla.redhat.com/show_bug.cgi?id=2272791	2024-11-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19.264 < 4.19.307 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.264 < 4.19.307"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4.221 < 5.4.269 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.221 < 5.4.269"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10.152 < 5.10.210 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.152 < 5.10.210"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15.76 < 5.15.149 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.76 < 5.15.149"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1 < 6.1.78 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1 < 6.1.78"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1 < 6.6.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1 < 6.6.17"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1 < 6.7.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1 < 6.7.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1 < 6.8"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.0.6 Search vendor "Linux" for product "Linux Kernel" and version "6.0.6"		en		Affected