5.5

CVE-2024-42223

media: dvb-frontends: tda10048: Fix integer overflow

In the Linux kernel, the following vulnerability has been resolved:

media: dvb-frontends: tda10048: Fix integer overflow

state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer
when multiplied by pll_mfactor.

Create a new 64 bit variable to hold the calculations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.19.318
LinuxLinux Kernel Version >= 4.20 < 5.4.280
LinuxLinux Kernel Version >= 5.5 < 5.10.222
LinuxLinux Kernel Version >= 5.11 < 5.15.163
LinuxLinux Kernel Version >= 5.16 < 6.1.98
LinuxLinux Kernel Version >= 6.2 < 6.6.39
LinuxLinux Kernel Version >= 6.7 < 6.9.9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.139
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/1121d8a5c6ed6b8fad492e43b63b386cb6a3a9d8
Patch
https://git.kernel.org/stable/c/1663e2474e4d777187d749a5c90ae83232db32bd
Patch
https://git.kernel.org/stable/c/1aa1329a67cc214c3b7bd2a14d1301a795760b07
Patch
https://git.kernel.org/stable/c/5c72587d024f087aecec0221eaff2fe850d856ce
Patch
https://git.kernel.org/stable/c/8167e4d7dc086d4f7ca7897dcff3827e4d22c99a
Patch
https://git.kernel.org/stable/c/8ac224e9371dc3c4eb666033e6b42d05cf5184a1
Patch
https://git.kernel.org/stable/c/bd5620439959a7e02012588c724c6ff5143b80af
Patch
https://git.kernel.org/stable/c/e1ba22618758e95e09c9fd30c69ccce38edf94c0
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html