Buffer Overflow Vulnerability in Linux Kernel Affects Multiple Variants
CVE-2024-57998

Currently unrated

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 27 February 2025

Summary

A buffer overflow has been identified in the Linux kernel's handling of frequency indexes in the OPP (Operating Performance Points) subsystem, which is part of device power management. The function that reads frequency values does not adequately check the bounds of the frequency rates table when it is reached through the indexed calls. To mitigate this, an index check has been added to the assert function, ensuring that access to the rates array stays within its defined limits. This check guards against unintended memory access that could lead to system instability or exploitation.
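
The bounds check described in the summary, modeled in user-space C as an added example (not the kernel's code and not part of the original page). The struct, function and error names and the sample frequencies are assumptions made for illustration.

```c
#include <stdio.h>

/* User-space model of a per-OPP rates table. All names here are
 * hypothetical and the sample values are constructed. */
struct opp_entry { const unsigned long *rates; };
struct opp_table_model {
    unsigned int clk_count;          /* valid slots in every rates[] */
    const struct opp_entry *opps;
    unsigned int opp_count;
};
enum { ERR_BAD_INDEX = -1, ERR_NO_MATCH = -2 };

/* Before: the index is trusted; index >= clk_count reads past rates[]. */
unsigned long read_freq_unchecked(const struct opp_entry *opp, unsigned int index)
{
    return opp->rates[index];
}

/* After: the assert receives the index and rejects out-of-range values. */
int assert_index_in_range(const struct opp_table_model *t, unsigned int index)
{
    return index < t->clk_count;
}

/* Indexed exact-match lookup: returns the OPP position or a negative error. */
int find_freq_exact_indexed(const struct opp_table_model *t,
                            unsigned long freq, unsigned int index)
{
    if (!assert_index_in_range(t, index))
        return ERR_BAD_INDEX;        /* fail before touching rates[index] */
    for (unsigned int i = 0; i < t->opp_count; i++)
        if (t->opps[i].rates[index] == freq)
            return (int)i;
    return ERR_NO_MATCH;
}

/* Constructed sample: two OPPs, two clocks each (Hz). */
static const unsigned long rates0[] = { 400000000UL, 200000000UL };
static const unsigned long rates1[] = { 800000000UL, 400000000UL };
static const struct opp_entry sample_opps[] = { { rates0 }, { rates1 } };
static const struct opp_table_model sample = { 2, sample_opps, 2 };

int main(void)
{
    printf("index 1 -> %d\n", find_freq_exact_indexed(&sample, 400000000UL, 1));
    printf("index 2 -> %d\n", find_freq_exact_indexed(&sample, 400000000UL, 2));
    return 0;
}
```

The lookup validates the index once, before the loop, so no OPP entry is dereferenced with an index the table cannot hold.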

Affected Version(s)

Linux 92fcb46659d5dbfdad0422a503e289085990a5d0 < 774dd6f0f0a61c9c3848e025d7d9eeed1a7ca4cd

Linux 142e17c1c2b48e3fb4f024e62ab6dee18f268694

Linux 142e17c1c2b48e3fb4f024e62ab6dee18f268694 < 7d68c20638e50d5eb4576492a7958328ae445248

Timeline

  • Vulnerability published

  • Vulnerability Reserved
