CVE-2024-26965

clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays

The frequency table arrays are supposed to be terminated with an
empty element. Add such entry to the end of the arrays where it
is missing in order to avoid possible out-of-bound access when
the table is traversed by functions like qcom_find_freq() or
qcom_find_freq_floor().

Only compile tested.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: qcom: mmcc-msm8974: corrección de terminación de matrices de tablas de frecuencia Se supone que las matrices de tablas de frecuencia terminan con un elemento vacío. Agregue dicha entrada al final de las matrices donde falta para evitar un posible acceso fuera de los límites cuando la tabla es atravesada por funciones como qcom_find_freq() o qcom_find_freq_floor(). Solo compilar probado.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-05-01 CVE Published
2024-05-01 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (12)

URL	Tag	Source
https://git.kernel.org/stable/c/d8b212014e69d6b6323773ce6898f224ef4ed0d6	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/99740c4791dc8019b0d758c5389ca6d1c0604d95	2024-04-13
https://git.kernel.org/stable/c/86bf75d9158f511db7530bc82a84b19a5134d089	2024-04-13
https://git.kernel.org/stable/c/3ff4a0f6a8f0ad4b4ee9e908bdfc3cacb7be4060	2024-04-13
https://git.kernel.org/stable/c/8f562f3b25177c2055b20fd8cf000496f6fa9194	2024-04-10
https://git.kernel.org/stable/c/537040c257ab4cd0673fbae048f3940c8ea2e589	2024-04-03
https://git.kernel.org/stable/c/7e9926fef71e514b4a8ea9d11d5a84d52b181362	2024-04-03
https://git.kernel.org/stable/c/ae99e199037c580b7350bfa3596f447a53bcf01f	2024-04-03
https://git.kernel.org/stable/c/ca2cf98d46748373e830a13d85d215d64a2d9bf2	2024-04-03
https://git.kernel.org/stable/c/e2c02a85bf53ae86d79b5fccf0a75ac0b78e0c96	2024-03-02

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 4.19.312 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 4.19.312"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.4.274 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.4.274"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.10.215 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.10.215"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.15.154 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.15.154"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.1.84 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.1.84"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.6.24 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.6.24"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.7.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.7.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.8.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.8.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.9"		en		Affected