CVE-2024-46759

HIGH

Linux Kernel < 4.19.322 - Integer Underflow

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.

References (10)

[Mailing List] https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html

[Mailing List] https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

[Patch] https://git.kernel.org/stable/c/019ef2d396363ecddc46e826153a842f8603799b

[Patch] https://git.kernel.org/stable/c/05419d0056dcf7088687e561bb583cc06deba777

[Patch] https://git.kernel.org/stable/c/2a3add62f183459a057336381ef3a896da01ce38

[Patch] https://git.kernel.org/stable/c/6891b11a0c6227ca7ed15786928a07b1c0e4d4af

[Patch] https://git.kernel.org/stable/c/7645d783df23878342d5d8d22030c3861d2d5426

[Patch] https://git.kernel.org/stable/c/8cad724c8537fe3e0da8004646abc00290adae40

[Patch] https://git.kernel.org/stable/c/b0bdb43852bf7f55ba02f0cbf00b4ea7ca897bff

[Patch] https://git.kernel.org/stable/c/f7f5101af5b47a331cdbfa42ba64c507b47dd1fe

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 2.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-191

Status published

Products (8)

linux/Kernel 3.15.0 - 4.19.322linux

linux/Kernel 4.20.0 - 5.4.284linux

linux/Kernel 5.11.0 - 5.15.167linux

linux/Kernel 5.16.0 - 6.1.110linux

linux/Kernel 5.5.0 - 5.10.226linux

linux/Kernel 6.2.0 - 6.6.51linux

linux/Kernel 6.7.0 - 6.10.10linux

linux/linux_kernel < 4.19.322

Published Sep 18, 2024

Tracked Since Feb 18, 2026