Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-42100

Опубликовано: 30 июл. 2024
Источник: nvd
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

clk: sunxi-ng: common: Don't call hw_to_ccu_common on hw without common

In order to set the rate range of a hw sunxi_ccu_probe calls hw_to_ccu_common() assuming all entries in desc->ccu_clks are contained in a ccu_common struct. This assumption is incorrect and, in consequence, causes invalid pointer de-references.

Remove the faulty call. Instead, add one more loop that iterates over the ccu_clks and sets the rate range, if required.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.6.31 (включая) до 6.6.39 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.8.10 (включая) до 6.9 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.9.1 (включая) до 6.9.9 (исключая)
cpe:2.3:o:linux:linux_kernel:6.9:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*

EPSS

Процентиль: 1%
0.00012
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2024-42100

CVSS3: 5.5
ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: common: Don't call hw_to_ccu_common on hw without common In order to set the rate range of a hw sunxi_ccu_probe calls hw_to_ccu_common() assuming all entries in desc->ccu_clks are contained in a ccu_common struct. This assumption is incorrect and, in consequence, causes invalid pointer de-references. Remove the faulty call. Instead, add one more loop that iterates over the ccu_clks and sets the rate range, if required.

redhat логотип

CVE-2024-42100

CVSS3: 4.4
redhat
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: common: Don't call hw_to_ccu_common on hw without common In order to set the rate range of a hw sunxi_ccu_probe calls hw_to_ccu_common() assuming all entries in desc->ccu_clks are contained in a ccu_common struct. This assumption is incorrect and, in consequence, causes invalid pointer de-references. Remove the faulty call. Instead, add one more loop that iterates over the ccu_clks and sets the rate range, if required.

debian логотип

CVE-2024-42100

CVSS3: 5.5
debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: c ...

github логотип

GHSA-v6gx-hf69-q84x

CVSS3: 5.5
github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: common: Don't call hw_to_ccu_common on hw without common In order to set the rate range of a hw sunxi_ccu_probe calls hw_to_ccu_common() assuming all entries in desc->ccu_clks are contained in a ccu_common struct. This assumption is incorrect and, in consequence, causes invalid pointer de-references. Remove the faulty call. Instead, add one more loop that iterates over the ccu_clks and sets the rate range, if required.

fstec логотип

BDU:2025-00988

CVSS3: 4.4
fstec
около 1 года назад

Уязвимость компонента clk ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 1%
0.00012
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476