CVE-2024-57998
HIGHLinux Kernel 6.6-6.6.75, 6.7-6.12.12, 6.13-6.13.1 - Out-of-bounds Read in OPP Frequency Table
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure we do not read a freq out of the opp->rates[] table when called from the indexed variants: dev_pm_opp_find_freq_exact_indexed() or dev_pm_opp_find_freq_ceil/floor_indexed(). Add a secondary parameter to the assert function, unused for assert_single_clk() then add assert_clk_index() which will check for the clock index when called from the _indexed() find functions.
References (6)
Core 6
Core References
Scores
CVSS v3
7.8
EPSS
0.0022
EPSS Percentile
12.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-125
Status
published
Products (15)
linux/Kernel
6.13.0 - 6.13.2linux
linux/Kernel
6.6.0 - 6.6.76linux
linux/Kernel
6.7.0 - 6.12.13linux
Linux/Linux
< 6.6
Linux/Linux
142e17c1c2b48e3fb4f024e62ab6dee18f268694 - 7d68c20638e50d5eb4576492a7958328ae445248
Linux/Linux
142e17c1c2b48e3fb4f024e62ab6dee18f268694 - d659bc68ed489022ea33342cfbda2911a81e7a0d
Linux/Linux
142e17c1c2b48e3fb4f024e62ab6dee18f268694 - da2a6acc73933b7812c94794726e438cde39e037
Linux/Linux
142e17c1c2b48e3fb4f024e62ab6dee18f268694 - eb6ffa0192ba83ece1a318b956265519c5c7dcec
Linux/Linux
6.12.13 - 6.12.*
Linux/Linux
6.13.2 - 6.13.*
... and 5 more
Published
Feb 27, 2025
Tracked Since
Feb 18, 2026