AZL-40421

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-40421.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-40421

Upstream

CVE-2024-26966

Published

2024-05-01T06:15:12Z

Modified

2026-04-01T05:13:36.359466Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-26966 affecting package hyperv-daemons for versions less than 5.15.158.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays

The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcomfindfreq() or qcomfindfreq_floor().

Only compile tested.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-26966

Affected packages

Azure Linux:2 / hyperv-daemons

Package

Name: hyperv-daemons
Purl: pkg:rpm/azure-linux/hyperv-daemons

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.158.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-40421.json"