In the Linux kernel, the following vulnerability has been resolved:
arm64: topology: fix possible overflow in amufiesetup()
cpufreqgethwmaxfreq() returns max frequency in kHz as unsigned int, while freqinvsetmaxratio() gets passed this frequency in Hz as 'u64'. Multiplying max frequency by 1000 can potentially result in overflow -- multiplying by 1000ULL instead should avoid that...
Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.