SB20240608110 - Out-of-bounds read in Linux kernel clk qcom driver
Published: June 8, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240608110
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2024-26965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the F() function in drivers/clk/qcom/mmcc-msm8974.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/99740c4791dc8019b0d758c5389ca6d1c0604d95
- https://git.kernel.org/stable/c/86bf75d9158f511db7530bc82a84b19a5134d089
- https://git.kernel.org/stable/c/3ff4a0f6a8f0ad4b4ee9e908bdfc3cacb7be4060
- https://git.kernel.org/stable/c/8f562f3b25177c2055b20fd8cf000496f6fa9194
- https://git.kernel.org/stable/c/537040c257ab4cd0673fbae048f3940c8ea2e589
- https://git.kernel.org/stable/c/7e9926fef71e514b4a8ea9d11d5a84d52b181362
- https://git.kernel.org/stable/c/ae99e199037c580b7350bfa3596f447a53bcf01f
- https://git.kernel.org/stable/c/ca2cf98d46748373e830a13d85d215d64a2d9bf2
- https://git.kernel.org/stable/c/e2c02a85bf53ae86d79b5fccf0a75ac0b78e0c96
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.312
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.215
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.154
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.274
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.84
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.24
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.3