CVE-2024-39475
fbdev: savage: Handle err return when savagefb_check_var failed
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Handle err return when savagefb_check_var failed The commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock equals zero")
checks the value of pixclock to avoid divide-by-zero error. However
the function savagefb_probe doesn't handle the error return of
savagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: savage: Maneja el retorno de error cuando falla savagefb_check_var. El commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock es igual a cero") verifica el valor de pixclock para evitar división por error cero. Sin embargo, la función savagefb_probe no maneja la devolución de error de savagefb_check_var. Cuando pixclock es 0, provocará un error de división por cero.
In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Handle err return when savagefb_check_var failed The commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock equals zero") checks the value of pixclock to avoid divide-by-zero error. However the function savagefb_probe doesn't handle the error return of savagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-06-25 CVE Reserved
- 2024-07-05 CVE Published
- 2024-12-19 CVE Updated
- 2025-03-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-369: Divide By Zero
CAPEC
References (16)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/224453de8505aede1890f007be973925a3edf6a1 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/84dce0f6a4cc5b7bfd7242ef9290db8ac1dd77ff | Vuln. Introduced | |
| https://git.kernel.org/stable/c/512ee6d6041e007ef5bf200c6e388e172a2c5b24 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/8c54acf33e5adaad6374bf3ec1e3aff0591cc8e1 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/070398d32c5f3ab0e890374904ad94551c76aec4 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/bc3c2e58d73b28b9a8789fca84778ee165a72d13 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/a9ca4e80d23474f90841251f4ac0d941fa337a01 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19.308 < 4.19.316 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.308 < 4.19.316" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4.270 < 5.4.278 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.270 < 5.4.278" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10.211 < 5.10.219 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.211 < 5.10.219" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.15.150 < 5.15.161 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.150 < 5.15.161" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.1.80 < 6.1.94 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.80 < 6.1.94" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6.19 < 6.6.34 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.19 < 6.6.34" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.8 < 6.9.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.8 < 6.9.5" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.8 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.8 < 6.10" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.7.7 Search vendor "Linux" for product "Linux Kernel" and version "6.7.7" | en |
Affected
| ||||||