{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T04:12:34.361","vulnerabilities":[{"cve":{"id":"CVE-2024-57998","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-02-27T02:15:13.820","lastModified":"2025-11-03T20:16:57.137","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: add index check to assert to avoid buffer overflow in _read_freq()\n\nPass the freq index to the assert function to make sure\nwe do not read a freq out of the opp->rates[] table when called\nfrom the indexed variants:\ndev_pm_opp_find_freq_exact_indexed() or\ndev_pm_opp_find_freq_ceil/floor_indexed().\n\nAdd a secondary parameter to the assert function, unused\nfor assert_single_clk() then add assert_clk_index() which\nwill check for the clock index when called from the _indexed()\nfind functions."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: OPP: agregar comprobación de índice a assert para evitar el desbordamiento de búfer en _read_freq() Pasar el índice freq a la función assert para asegurarnos de que no leemos un freq de la tabla opp->rates[] cuando se llama desde las variantes indexadas: dev_pm_opp_find_freq_exact_indexed() o dev_pm_opp_find_freq_ceil/floor_indexed(). Agregar un parámetro secundario a la función assert, no utilizado para assert_single_clk() y luego agregar assert_clk_index() que verificará el índice del reloj cuando se llame desde las funciones de búsqueda _indexed()."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.76","matchCriteriaId":"C9762EFE-508E-462C-B4F6-A1D1871149B5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.13","matchCriteriaId":"2897389C-A8C3-4D69-90F2-E701B3D66373"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.13.2","matchCriteriaId":"6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/774dd6f0f0a61c9c3848e025d7d9eeed1a7ca4cd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7d68c20638e50d5eb4576492a7958328ae445248","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d659bc68ed489022ea33342cfbda2911a81e7a0d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/da2a6acc73933b7812c94794726e438cde39e037","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eb6ffa0192ba83ece1a318b956265519c5c7dcec","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}