2 matches found
CVE-2026-52948
CVE-2026-52948 affects the Linux kernel I2C subsystem (i2c: dev) where the I2C_TIMEOUT ioctl accepts a user timeout in 10 ms steps. The argument is checked against INT_MAX but is then multiplied by 10 before passing to msecs_to_jiffies(). A malicious user can pass a value (e.g., 429496729) that p...
CVE-2026-52948 i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl
In the Linux kernel, the following vulnerability has been resolved: i2c: dev: prevent integer overflow in I2CTIMEOUT ioctl While fuzzing with Syzkaller, a persistent scheduletimeout: wrong timeout value warning was observed, accompanied by SMBus controller state machine corruption. The I2CTIMEOUT...