Updated:
Description:
In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure we do not read a freq out of the opp->rates[] table when called from the indexed variants: dev_pm_opp_find_freq_exact_indexed() or dev_pm_opp_find_freq_ceil/floor_indexed(). Add a secondary parameter to the assert function, unused for assert_single_clk() then add assert_clk_index() which will check for the clock index when called from the _indexed() find functions.
CVSS3: 7.8
| OS | Vendor version | Errata |
|---|---|---|
| RHEL 9 | 5.14.0-611.5.1.el9_7 | RHSA-2025:20518 |
| Ubuntu 24.04 | 6.8.0-64.67 | USN-7651-1 |
| Ubuntu 24.04 AWS | 6.8.0-1032.34 | USN-7651-1 |
| OS | Original kernel version | State |
|---|---|---|
| RHEL 9 | |
In Progress |
| Debian 12 | |
Planned |
| Ubuntu 24.04 | |
In Progress |
| Ubuntu 24.04 AWS | |
In Progress |