CVE-2024-43852
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-43852
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43852.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-43852
- Downstream
- Published
- 2024-08-17T09:22:09Z
- Modified
- 2025-10-17T10:38:05.607034Z
- Summary
- hwmon: (ltc2991) re-order conditions to fix off by one bug
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (ltc2991) re-order conditions to fix off by one bug
LTC2991TINTCHNR is 4. The st->tempen[] array has LTC2991MAXCHANNEL (4) elements. Thus if "channel" is equal to LTC2991TINTCH_NR then we have read one element beyond the end of the array. Flip the conditions around so that we check if "channel" is valid before using it as an array index.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2b9ea4262ae9114b0b86ac893b4d6175d8520001Fixedc180311c0a520692e2d0e9ca44dcd6c2ff1b41c4
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2b9ea4262ae9114b0b86ac893b4d6175d8520001Fixed99bf7c2eccff82760fa23ce967cc67c8c219c6a6
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.6
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7