Описание
In the Linux kernel, the following vulnerability has been resolved:
pwm: Fix out-of-bounds access in of_pwm_single_xlate()
With args->args_count == 2 args->args[2] is not defined. Actually the
flags are contained in args->args[1].
A flaw was found in the Linux kernel due to an out-of-bounds access issue in the of_pwm_single_xlate() function within the drivers/pwm/core.c file. This issue occurs because of incorrect indexing of arguments (args->args[2]) when args->args_count == 2, leading to potential memory corruption.
Отчет
The CVE-2024-26599 vulnerability in the Linux kernel is assessed as a Moderate severity due to its potential impact on system stability and security. The issue stems from an out-of-bounds access in the of_pwm_single_xlate() function within drivers/pwm/core.c. When args->args_count == 2, accessing args->args[2] improperly attempts to retrieve data beyond the allocated memory space, leading to memory corruption. While exploitation requires specific conditions and knowledge of system configuration, successful attacks could result in denial of service or unauthorized data exposure.
Меры по смягчению последствий
No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.1 Medium
CVSS3
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate() With args->args_count == 2 args->args[2] is not defined. Actually the flags are contained in args->args[1].
In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate() With args->args_count == 2 args->args[2] is not defined. Actually the flags are contained in args->args[1].
In the Linux kernel, the following vulnerability has been resolved: p ...
In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate() With args->args_count == 2 args->args[2] is not defined. Actually the flags are contained in args->args[1].
Уязвимость функции of_pwm_single_xlate() в модуле drivers/pwm/core.c драйвера устройств PWM (ШИМ, широтно-импульсной модуляции) ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
5.1 Medium
CVSS3