7.1
CVE-2026-46293
- EPSS 0.13%
- Veröffentlicht 08.06.2026 15:46:20
- Zuletzt bearbeitet 08.07.2026 19:04:45
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
clk: microchip: mpfs-ccc: fix out of bounds access during output registration
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in the hws array for two PLLs and the four output dividers that each has, but the defined IDs contain two DLLS and their two outputs each, which are not supported by the driver. The ID order is PLLs -> DLLs -> PLL outputs -> DLL outputs. Decrement the PLL output IDs by two while adding them to the array to avoid the problem.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.1 < 6.1.175
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.140
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.88
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.30
Linux ≫ Linux Kernel Version >= 6.19 < 7.0.7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.027 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
https://git.kernel.org/stable/c/9ed9b580a814773482c0a4f1be045636e68cc109
https://git.kernel.org/stable/c/47bc7a03449c39805bc2665d3e57c73195d5bcf8
https://git.kernel.org/stable/c/dbfcb09656cb30439577325c9dea2250203c2e3c
https://git.kernel.org/stable/c/a0780aeea166a7cf4706c45af4cadbb2a43a1fc9
https://git.kernel.org/stable/c/f24efd415455b98a1f1cfc6071fe6fde71986706
https://git.kernel.org/stable/c/2f7ae8ab6aa73daaf080d5332110357c29df9c36