Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2024-26968

HistoryMay 01, 2024 - 6:15 a.m.

CVE-2024-26968

2024-05-0106:15:13

Debian Security Bug Tracker

security-tracker.debian.org

cve-2024-26968

frequency table

out-of-bound access

qcom_find_freq

AI Score

6.6

Confidence

High

EPSS

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). Only compile tested.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 6.1.106-3linux_6.1.106-3_all.deb
Debian11alllinux< 5.10.223-1linux_5.10.223-1_all.deb
Debian999alllinux< 6.7.12-1linux_6.7.12-1_all.deb
Debian13alllinux< 6.7.12-1linux_6.7.12-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 6.1.106-3	linux_6.1.106-3_all.deb
Debian	11	all	linux	< 5.10.223-1	linux_5.10.223-1_all.deb
Debian	999	all	linux	< 6.7.12-1	linux_6.7.12-1_all.deb
Debian	13	all	linux	< 6.7.12-1	linux_6.7.12-1_all.deb