CVE-2024-57998

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-57998

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-57998.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-57998

Downstream

BELL-CVE-2024-57998

DEBIAN-CVE-2024-57998

DLA-4102-1

OESA-2025-1339

OESA-2025-1340

SUSE-SU-2025:01707-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01967-1

UBUNTU-CVE-2024-57998

USN-7521-1

USN-7521-3

USN-7651-1

USN-7651-2

USN-7651-3

USN-7651-4

USN-7651-5

USN-7651-6

USN-7652-1

USN-7653-1

USN-7737-1

Related

Published

2025-02-27T02:15:13Z

Modified

2025-08-09T19:01:28Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

OPP: add index check to assert to avoid buffer overflow in readfreq()

Pass the freq index to the assert function to make sure we do not read a freq out of the opp->rates[] table when called from the indexed variants: devpmoppfindfreqexactindexed() or devpmoppfindfreqceil/floorindexed().

Add a secondary parameter to the assert function, unused for assertsingleclk() then add assertclkindex() which will check for the clock index when called from the _indexed() find functions.

References

Affected packages