In the Linux kernel, the following vulnerability has been resolved:
hwmon: (ltc2991) re-order conditions to fix off by one bug
LTC2991_T_INT_CH_NR is 4. The st->temp_en[] array has LTC2991_MAX_CHANNEL
(4) elements. Thus if "channel" is equal to LTC2991_T_INT_CH_NR then we
have read one element beyond the end of the array. Flip the conditions
around so that we check if "channel" is valid before using it as an array
index.
References
Configurations
History
20 Aug 2024, 19:32
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Linux |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
References | () https://git.kernel.org/stable/c/99bf7c2eccff82760fa23ce967cc67c8c219c6a6 - Patch | |
References | () https://git.kernel.org/stable/c/c180311c0a520692e2d0e9ca44dcd6c2ff1b41c4 - Patch | |
CWE | CWE-193 |
19 Aug 2024, 12:59
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
17 Aug 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-17 10:15
Updated : 2024-08-20 19:32
NVD link : CVE-2024-43852
Mitre link : CVE-2024-43852
CVE.ORG link : CVE-2024-43852
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-193
Off-by-one Error