CVE-2024-26730

HIGH

Linux Kernel < 6.6.19 - Out-of-Bounds Write

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775) Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASAN is enabled. BUG: KASAN: global-out-of-bounds in nct6775_probe+0x5654/0x6fe9 nct6775_core

References (3)

[Patch] https://git.kernel.org/stable/c/c196387820c9214c5ceaff56d77303c82514b8b1

[Patch] https://git.kernel.org/stable/c/d56e460e19ea8382f813eb489730248ec8d7eb73

[Patch] https://git.kernel.org/stable/c/f006c45a3ea424f8f6c8e4b9283bc245ce2a4d0f

Scores

CVSS v3 7.0

EPSS 0.0010

EPSS Percentile 26.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-787

Status published

Affected Products (9)

linux/linux_kernel < 6.6.19

linux/linux_kernel

linux/Kernel < 6.6.19linux

linux/Kernel < 6.7.7linux

Timeline

Published Apr 03, 2024

Tracked Since Feb 18, 2026