CVE-2024-39475

MEDIUM

Linux Kernel - Divide By Zero in savagefb_probe via pixclock Handling

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Handle err return when savagefb_check_var failed The commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock equals zero") checks the value of pixclock to avoid divide-by-zero error. However the function savagefb_probe doesn't handle the error return of savagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.

References (8)

Core 8

Scores

CVSS v3 5.5
EPSS 0.0023
EPSS Percentile 13.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-369
Status published
Products (34)
linux/Kernel < 4.19.316linux
linux/Kernel 4.20.0 - 5.4.278linux
linux/Kernel 5.11.0 - 5.15.161linux
linux/Kernel 5.16.0 - 6.1.94linux
linux/Kernel 5.5.0 - 5.10.219linux
linux/Kernel 6.2.0 - 6.6.34linux
linux/Kernel 6.7.0 - 6.9.5linux
Linux/Linux < 6.8
Linux/Linux 04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288 - 5f446859bfa46df0ffb34149499f48a2c2d8cd95
Linux/Linux 04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288 - 6ad959b6703e2c4c5d7af03b4cfd5ff608036339
... and 24 more
Published Jul 05, 2024
Tracked Since Feb 18, 2026