CVE-2024-43825
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-43825
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43825.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-43825
- Downstream
- Related
- Published
- 2024-08-17T09:21:45Z
- Modified
- 2025-10-22T01:37:02.859706Z
- Summary
- iio: Fix the sorting functionality in iio_gts_build_avail_time_table
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
iio: Fix the sorting functionality in iiogtsbuildavailtime_table
The sorting in iiogtsbuildavailtime_table is not working as intended. It could result in an out-of-bounds access when the time is zero.
Here are more details:
- When the gts->itimetable[i].timeus is zero, e.g., the time
sequence is
3, 0, 1, the inner for-loop will not terminate and do out-of-bound writes. This is because oncetimes[j] > new, the valuenewwill be added in the current position and thetimes[j]will be moved toj+1position, which makes the if-condition always hold. Meanwhile, idx will be added one, making the loop keep running without termination and out-of-bound write. - If none of the gts->itimetable[i].timeus is zero, the elements will just be copied without being sorted as described in the comment "Sort times from all tables to one and remove duplicates".
For more details, please refer to https://lore.kernel.org/all/6dd0d822-046c-4dd2-9532-79d7ab96ec05@gmail.com.
- When the gts->itimetable[i].timeus is zero, e.g., the time
sequence is
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced38416c28e16890b52fdd5eb73479299ec3f062f3Fixed31ff8464ef540785344994986a010031410f9ff3
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced38416c28e16890b52fdd5eb73479299ec3f062f3Fixedb5046de32fd1532c3f67065197fc1da82f0b5193
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced38416c28e16890b52fdd5eb73479299ec3f062f3Fixed5acc3f971a01be48d5ff4252d8f9cdb87998cdfb
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.3
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7