CVE-2024-26730

HIGH

Linux Kernel 6.6-6.6.19 and 6.7-6.7.7 - Out-of-bounds Write in NCT6775 Temperature Configuration Register Access

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775) Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASAN is enabled. BUG: KASAN: global-out-of-bounds in nct6775_probe+0x5654/0x6fe9 nct6775_core

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/f006c45a3ea424f8f6c8e4b9283bc245ce2a4d0f

Patch

https://git.kernel.org/stable/c/c196387820c9214c5ceaff56d77303c82514b8b1

Patch

https://git.kernel.org/stable/c/d56e460e19ea8382f813eb489730248ec8d7eb73

Scores

CVSS v3 7.0

EPSS 0.0024

EPSS Percentile 15.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (13)

linux/Kernel 6.6.0 - 6.6.19linux

linux/Kernel 6.7.0 - 6.7.7linux

Linux/Linux < 6.6

Linux/Linux 6.6

Linux/Linux 6.6.19 - 6.6.*

Linux/Linux 6.7.7 - 6.7.*

Linux/Linux 6.8

Linux/Linux b7f1f7b2523a6a4382f12fe953380b847b80e09d - c196387820c9214c5ceaff56d77303c82514b8b1

Linux/Linux b7f1f7b2523a6a4382f12fe953380b847b80e09d - d56e460e19ea8382f813eb489730248ec8d7eb73

Linux/Linux b7f1f7b2523a6a4382f12fe953380b847b80e09d - f006c45a3ea424f8f6c8e4b9283bc245ce2a4d0f

... and 3 more

Published Apr 03, 2024

Tracked Since Feb 18, 2026