SB20240918113 - Integer underflow in Linux kernel hwmon driver
Published: September 18, 2024 Updated: May 12, 2025
Security Bulletin ID
SB20240918113
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Integer underflow (CVE-ID: CVE-2024-46759)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the adc128_set_in() and adc128_set_temp() functions in drivers/hwmon/adc128d818.c. A local user can execute arbitrary code.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/05419d0056dcf7088687e561bb583cc06deba777
- https://git.kernel.org/stable/c/7645d783df23878342d5d8d22030c3861d2d5426
- https://git.kernel.org/stable/c/2a3add62f183459a057336381ef3a896da01ce38
- https://git.kernel.org/stable/c/019ef2d396363ecddc46e826153a842f8603799b
- https://git.kernel.org/stable/c/f7f5101af5b47a331cdbfa42ba64c507b47dd1fe
- https://git.kernel.org/stable/c/6891b11a0c6227ca7ed15786928a07b1c0e4d4af
- https://git.kernel.org/stable/c/b0bdb43852bf7f55ba02f0cbf00b4ea7ca897bff
- https://git.kernel.org/stable/c/8cad724c8537fe3e0da8004646abc00290adae40
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.322
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.226
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.167
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.284
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.110
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.51