Описание
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-46756
- https://git.kernel.org/stable/c/26825b62bd1bd3e53b4f44e0745cb516d5186343
- https://git.kernel.org/stable/c/56cfdeb2c77291f0b5e4592731adfb6ca8fc7c24
- https://git.kernel.org/stable/c/5c1de37969b7bc0abcb20b86e91e70caebbd4f89
- https://git.kernel.org/stable/c/77ab0fd231c4ca873ec6908e761970360acc6df2
- https://git.kernel.org/stable/c/8fecb75bff1b7d87a071c32a37aa0700f2be379d
- https://git.kernel.org/stable/c/93cf73a7bfdce683bde3a7bb65f270d3bd24497b
- https://git.kernel.org/stable/c/cc4be794c8d8c253770103e097ab9dbdb5f99ae1
- https://git.kernel.org/stable/c/d92f0baf99a7e327dcceab37cce57c38aab1f691
Связанные уязвимости
[REJECTED CVE] A vulnerability in the Linux kernel's hwmon subsystem (w83627ehf driver) has been identified, where writing large negative values (e.g., -9223372036854775808) to limit attributes caused an underflow due to improper ordering of operations in DIV_ROUND_CLOSEST(). An attacker with write access to these attributes could potentially trigger unexpected behavior or system instability.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Уязвимость функций DIV_ROUND_CLOSEST() ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
