CVE-2024-58069

HIGH

Linux Kernel 5.2-6.13.2 - Out-of-bounds Write in PCF85063 NVMEM Read

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer size less than 4 bytes, regmap_read will write out of bounds as it expects the buffer to point at an unsigned int. Fix this by using an intermediary unsigned int to hold the value.

References (10)

Core 10
Core References

Scores

CVSS v3 7.8
EPSS 0.0020
EPSS Percentile 10.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (26)
linux/Kernel 5.11.0 - 5.15.179linux
linux/Kernel 5.16.0 - 6.1.129linux
linux/Kernel 5.2.0 - 5.4.291linux
linux/Kernel 5.5.0 - 5.10.235linux
linux/Kernel 6.13.0 - 6.13.2linux
linux/Kernel 6.2.0 - 6.6.76linux
linux/Kernel 6.7.0 - 6.12.13linux
Linux/Linux < 5.2
Linux/Linux 5.10.235 - 5.10.*
Linux/Linux 5.15.179 - 5.15.*
... and 16 more
Published Mar 06, 2025
Tracked Since Feb 18, 2026