Описание
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (nct6775-core) Fix overflows seen when writing limit attributes
DIV_ROUND_CLOSEST() after kstrtoul() results in an overflow if a large number such as 18446744073709551615 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (nct6775-core) Fix overflows seen when writing limit attributes
DIV_ROUND_CLOSEST() after kstrtoul() results in an overflow if a large number such as 18446744073709551615 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-53159
- https://git.kernel.org/stable/c/57ee12b6c514146c19b6a159013b48727a012960
- https://git.kernel.org/stable/c/685c10269c41d23d7a2b85d3fd6b6345390c8746
- https://git.kernel.org/stable/c/a4712e4485f5c388bbe0d0e8f52978241ab34a29
- https://git.kernel.org/stable/c/ae703f8ff083c5267af30d6c8cf096d562623b3b
- https://git.kernel.org/stable/c/dfa8bedfffcae87976b34a45a724deb9c3a0a88e
CVE ID
Связанные уязвимости
[REJECTED CVE] A vulnerability was identified in the Linux kernel's nct6775-core hardware monitoring (hwmon) driver, where writing large values (e.g., 18446744073709551615) to limit attributes could cause an overflow due to improper ordering of DIV_ROUND_CLOSEST() and clamp_val(). This flaw allowed unintended behavior when setting sensor limits, potentially leading to incorrect readings or improper thermal and voltage regulation. Exploitation required local user privileges to write to the relevant sysfs attributes.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Уязвимость функции DIV_ROUND_CLOSEST() драйвера микросхемы Nuvoton NCT6775F (drivers/hwmon/nct6775-core.c) ядра операционной системы Linux, позволяющая нарушителю оказать влияние на доступность защищаемой информации
