CVE-2024-26968

Summary

In the Linux kernel, the following vulnerability has been resolved:

clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays

The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor().

Only compile tested.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd75b82cff48883b5e75abfd3930afa7a148ab440 < 0204247cf3669b6021fb745c3b7f37ae392ab19caffected
LinuxLinuxd75b82cff48883b5e75abfd3930afa7a148ab440 < 1723629fea8a4e75333196866e10d395463dca72affected
LinuxLinuxd75b82cff48883b5e75abfd3930afa7a148ab440 < 604f2d7c46727c5e24fc7faddc980bc1cc0b1011affected
LinuxLinuxd75b82cff48883b5e75abfd3930afa7a148ab440 < bd2b6395671d823caa38d8e4d752de2448ae61e1affected
LinuxLinux6.4affected
LinuxLinux0 < 6.4unaffected
LinuxLinux6.6.24 <= 6.6.*unaffected
LinuxLinux6.7.12 <= 6.7.*unaffected
LinuxLinux6.8.3 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References