CVE-2024-46756

In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83627ehf) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

23 Sep 2024, 16:29

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/26825b62bd1bd3e53b4f44e0745cb516d5186343 - () https://git.kernel.org/stable/c/26825b62bd1bd3e53b4f44e0745cb516d5186343 - Patch
References () https://git.kernel.org/stable/c/56cfdeb2c77291f0b5e4592731adfb6ca8fc7c24 - () https://git.kernel.org/stable/c/56cfdeb2c77291f0b5e4592731adfb6ca8fc7c24 - Patch
References () https://git.kernel.org/stable/c/5c1de37969b7bc0abcb20b86e91e70caebbd4f89 - () https://git.kernel.org/stable/c/5c1de37969b7bc0abcb20b86e91e70caebbd4f89 - Patch
References () https://git.kernel.org/stable/c/77ab0fd231c4ca873ec6908e761970360acc6df2 - () https://git.kernel.org/stable/c/77ab0fd231c4ca873ec6908e761970360acc6df2 - Patch
References () https://git.kernel.org/stable/c/8fecb75bff1b7d87a071c32a37aa0700f2be379d - () https://git.kernel.org/stable/c/8fecb75bff1b7d87a071c32a37aa0700f2be379d - Patch
References () https://git.kernel.org/stable/c/93cf73a7bfdce683bde3a7bb65f270d3bd24497b - () https://git.kernel.org/stable/c/93cf73a7bfdce683bde3a7bb65f270d3bd24497b - Patch
References () https://git.kernel.org/stable/c/cc4be794c8d8c253770103e097ab9dbdb5f99ae1 - () https://git.kernel.org/stable/c/cc4be794c8d8c253770103e097ab9dbdb5f99ae1 - Patch
References () https://git.kernel.org/stable/c/d92f0baf99a7e327dcceab37cce57c38aab1f691 - () https://git.kernel.org/stable/c/d92f0baf99a7e327dcceab37cce57c38aab1f691 - Patch
First Time Linux linux Kernel
Linux
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE CWE-191

20 Sep 2024, 12:30

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (w83627ehf) Se corrigen los desbordamientos de línea observados al escribir los atributos de límite DIV_ROUND_CLOSEST() después de que kstrtol() dé como resultado un desbordamiento de línea si el usuario proporciona un número negativo grande, como -9223372036854775808. Se soluciona reordenando las operaciones clamp_val() y DIV_ROUND_CLOSEST().

18 Sep 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-18 08:15

Updated : 2024-09-23 16:29


NVD link : CVE-2024-46756

Mitre link : CVE-2024-46756

CVE.ORG link : CVE-2024-46756


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-191

Integer Underflow (Wrap or Wraparound)