CVE-2024-26778

MEDIUM

Linux Kernel < 4.19.308, 4.20.0-6.7.7 - Divide By Zero via savagefb_check_var

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl() interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. Although pixclock is checked in savagefb_decode_var(), but it is not checked properly in savagefb_probe(). Fix this by checking whether pixclock is zero in the function savagefb_check_var() before info->var.pixclock is used as the divisor. This is similar to CVE-2022-3061 in i740fb which was fixed by commit 15cf0b8.

References (10)

Core 10
Core References

Scores

CVSS v3 5.5
EPSS 0.0025
EPSS Percentile 16.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-369
Status published
Products (28)
debian/debian_linux 10.0
linux/Kernel 2.6.12 - 4.19.308linux
linux/Kernel 4.20.0 - 5.4.270linux
linux/Kernel 5.11.0 - 5.15.150linux
linux/Kernel 5.16.0 - 6.1.80linux
linux/Kernel 5.5.0 - 5.10.211linux
linux/Kernel 6.2.0 - 6.6.19linux
linux/Kernel 6.7.0 - 6.7.7linux
Linux/Linux < 2.6.12
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288
... and 18 more
Published Apr 03, 2024
Tracked Since Feb 18, 2026