CVE-2024-26730

Summary

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (nct6775) Fix access to temperature configuration registers

The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASAN is enabled.

BUG: KASAN: global-out-of-bounds in nct6775_probe+0x5654/0x6fe9 nct6775_core

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb7f1f7b2523a6a4382f12fe953380b847b80e09d < f006c45a3ea424f8f6c8e4b9283bc245ce2a4d0faffected
LinuxLinuxb7f1f7b2523a6a4382f12fe953380b847b80e09d < c196387820c9214c5ceaff56d77303c82514b8b1affected
LinuxLinuxb7f1f7b2523a6a4382f12fe953380b847b80e09d < d56e460e19ea8382f813eb489730248ec8d7eb73affected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux6.6.19 <= 6.6.*unaffected
LinuxLinux6.7.7 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References