CVE-2024-42223

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. Create a new 64 bit variable to hold the calculations.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

21 Nov 2024, 09:33

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/1121d8a5c6ed6b8fad492e43b63b386cb6a3a9d8 - Patch () https://git.kernel.org/stable/c/1121d8a5c6ed6b8fad492e43b63b386cb6a3a9d8 - Patch
References () https://git.kernel.org/stable/c/1663e2474e4d777187d749a5c90ae83232db32bd - Patch () https://git.kernel.org/stable/c/1663e2474e4d777187d749a5c90ae83232db32bd - Patch
References () https://git.kernel.org/stable/c/1aa1329a67cc214c3b7bd2a14d1301a795760b07 - Patch () https://git.kernel.org/stable/c/1aa1329a67cc214c3b7bd2a14d1301a795760b07 - Patch
References () https://git.kernel.org/stable/c/5c72587d024f087aecec0221eaff2fe850d856ce - Patch () https://git.kernel.org/stable/c/5c72587d024f087aecec0221eaff2fe850d856ce - Patch
References () https://git.kernel.org/stable/c/8167e4d7dc086d4f7ca7897dcff3827e4d22c99a - Patch () https://git.kernel.org/stable/c/8167e4d7dc086d4f7ca7897dcff3827e4d22c99a - Patch
References () https://git.kernel.org/stable/c/8ac224e9371dc3c4eb666033e6b42d05cf5184a1 - Patch () https://git.kernel.org/stable/c/8ac224e9371dc3c4eb666033e6b42d05cf5184a1 - Patch
References () https://git.kernel.org/stable/c/bd5620439959a7e02012588c724c6ff5143b80af - Patch () https://git.kernel.org/stable/c/bd5620439959a7e02012588c724c6ff5143b80af - Patch
References () https://git.kernel.org/stable/c/e1ba22618758e95e09c9fd30c69ccce38edf94c0 - Patch () https://git.kernel.org/stable/c/e1ba22618758e95e09c9fd30c69ccce38edf94c0 - Patch

02 Aug 2024, 14:24

Type Values Removed Values Added
CWE CWE-190
References () https://git.kernel.org/stable/c/1121d8a5c6ed6b8fad492e43b63b386cb6a3a9d8 - () https://git.kernel.org/stable/c/1121d8a5c6ed6b8fad492e43b63b386cb6a3a9d8 - Patch
References () https://git.kernel.org/stable/c/1663e2474e4d777187d749a5c90ae83232db32bd - () https://git.kernel.org/stable/c/1663e2474e4d777187d749a5c90ae83232db32bd - Patch
References () https://git.kernel.org/stable/c/1aa1329a67cc214c3b7bd2a14d1301a795760b07 - () https://git.kernel.org/stable/c/1aa1329a67cc214c3b7bd2a14d1301a795760b07 - Patch
References () https://git.kernel.org/stable/c/5c72587d024f087aecec0221eaff2fe850d856ce - () https://git.kernel.org/stable/c/5c72587d024f087aecec0221eaff2fe850d856ce - Patch
References () https://git.kernel.org/stable/c/8167e4d7dc086d4f7ca7897dcff3827e4d22c99a - () https://git.kernel.org/stable/c/8167e4d7dc086d4f7ca7897dcff3827e4d22c99a - Patch
References () https://git.kernel.org/stable/c/8ac224e9371dc3c4eb666033e6b42d05cf5184a1 - () https://git.kernel.org/stable/c/8ac224e9371dc3c4eb666033e6b42d05cf5184a1 - Patch
References () https://git.kernel.org/stable/c/bd5620439959a7e02012588c724c6ff5143b80af - () https://git.kernel.org/stable/c/bd5620439959a7e02012588c724c6ff5143b80af - Patch
References () https://git.kernel.org/stable/c/e1ba22618758e95e09c9fd30c69ccce38edf94c0 - () https://git.kernel.org/stable/c/e1ba22618758e95e09c9fd30c69ccce38edf94c0 - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

30 Jul 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medios: dvb-frontends: tda10048: corrige el estado de desbordamiento de enteros->xtal_hz puede ser de hasta 16 M, por lo que puede desbordar un entero de 32 bits cuando se multiplica por pll_mfactor. Cree una nueva variable de 64 bits para contener los cálculos.

30 Jul 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-30 08:15

Updated : 2024-11-21 09:33


NVD link : CVE-2024-42223

Mitre link : CVE-2024-42223

CVE.ORG link : CVE-2024-42223


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-190

Integer Overflow or Wraparound