[SRU][N][PATCH 0/1] CVE-2024-46756
Bethany Jamison
bethany.jamison at canonical.com
Thu Oct 10 19:11:03 UTC 2024
[Impact]
DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large
negative number such as -9223372036854775808 is provided by the user.
Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
[Fix]
Noble: Clean cherry-pick from linux-6.10.y
Jammy: pending (5.15.0-125.135)
Focal: pending (5.4.0-200.220)
Bionic: fix sent to esm ML
Xenial: fix sent to esm ML
Trusty: won't fix
[Test Case]
Compile tested.
[Where problems could occur]
This fix affects those who use the driver for the hardware monitoring
functionality of the Winbond W83627EHF Super-I/O chip, an issue with
this fix would be visible to the user via data corruption or
inaccuracy.
Guenter Roeck (1):
hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
drivers/hwmon/w83627ehf.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list