CVE-2024-43852

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-43852
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43852.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-43852
Downstream
Published
2024-08-17T10:15:10Z
Modified
2025-08-09T20:01:28Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (ltc2991) re-order conditions to fix off by one bug

LTC2991TINTCHNR is 4. The st->tempen[] array has LTC2991MAXCHANNEL (4) elements. Thus if "channel" is equal to LTC2991TINTCH_NR then we have read one element beyond the end of the array. Flip the conditions around so that we check if "channel" is valid before using it as an array index.

References

Affected packages