CVE-2024-58069

Summary

In the Linux kernel, the following vulnerability has been resolved:

rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read

The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer size less than 4 bytes, regmap_read will write out of bounds as it expects the buffer to point at an unsigned int.

Fix this by using an intermediary unsigned int to hold the value.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxfadfd092ee9138825d8c2a4f95719d2e2e3202b9 < 21cd59fcb9952eb7505da2bdfc1eb9c619df3ff4affected
LinuxLinuxfadfd092ee9138825d8c2a4f95719d2e2e3202b9 < 6f2a8ca9a0a38589f52a7f0fb9425b9ba987ae7caffected
LinuxLinuxfadfd092ee9138825d8c2a4f95719d2e2e3202b9 < e5536677da803ed54a29a446515c28dce7d3d574affected
LinuxLinuxfadfd092ee9138825d8c2a4f95719d2e2e3202b9 < c72b7a474d3f445bf0c5bcf8ffed332c78eb28a1affected
LinuxLinuxfadfd092ee9138825d8c2a4f95719d2e2e3202b9 < 9adefa7b9559d0f21034a5d5ec1b55840c9348b9affected
LinuxLinuxfadfd092ee9138825d8c2a4f95719d2e2e3202b9 < e5e06455760f2995b16a176033909347929d1128affected
LinuxLinuxfadfd092ee9138825d8c2a4f95719d2e2e3202b9 < 517aedb365f2c94e2d7e0b908ac7127df76203a1affected
LinuxLinuxfadfd092ee9138825d8c2a4f95719d2e2e3202b9 < 3ab8c5ed4f84fa20cd16794fe8dc31f633fbc70caffected
LinuxLinux5.2affected
LinuxLinux0 < 5.2unaffected
LinuxLinux5.4.291 <= 5.4.*unaffected
LinuxLinux5.10.235 <= 5.10.*unaffected
LinuxLinux5.15.179 <= 5.15.*unaffected
LinuxLinux6.1.129 <= 6.1.*unaffected
LinuxLinux6.6.76 <= 6.6.*unaffected
LinuxLinux6.12.13 <= 6.12.*unaffected
LinuxLinux6.13.2 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References