Связанные уязвимости
[REJECTED CVE] A vulnerability was identified in the Linux kernel's nct6775-core hardware monitoring (hwmon) driver, where writing large values (e.g., 18446744073709551615) to limit attributes could cause an overflow due to improper ordering of DIV_ROUND_CLOSEST() and clamp_val(). This flaw allowed unintended behavior when setting sensor limits, potentially leading to incorrect readings or improper thermal and voltage regulation. Exploitation required local user privileges to write to the relevant sysfs attributes.
In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775-core) Fix overflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtoul() results in an overflow if a large number such as 18446744073709551615 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
Уязвимость функции DIV_ROUND_CLOSEST() драйвера микросхемы Nuvoton NCT6775F (drivers/hwmon/nct6775-core.c) ядра операционной системы Linux, позволяющая нарушителю оказать влияние на доступность защищаемой информации
