Vulnerabilities > CVE-2024-47663 - Divide By Zero vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9834: Validate frequency parameter value In ad9834_write_frequency() clk_get_rate() can return 0. In such case ad9834_calc_freqreg() call will lead to division by zero. Checking 'if (fout > (clk_freq / 2))' doesn't protect in case of 'fout' is 0. ad9834_write_frequency() is called from ad9834_write(), where fout is taken from text buffer, which can contain any value. Modify parameters checking. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/0e727707a239d5c519fc9abc2f0fd913516a7e47
- https://git.kernel.org/stable/c/41cc91e3138fe52f8da92a81bebcd0e6cf488c53
- https://git.kernel.org/stable/c/d8b09a5edc4a634373158c1a405491de3c52e58a
- https://git.kernel.org/stable/c/3ba9abfcaa9e16bb91ed7e0e2b42e94a157a953e
- https://git.kernel.org/stable/c/dc12e49f970b08d8b007b8981b97e2eb93c0e89d
- https://git.kernel.org/stable/c/8961b245e8f92bccbaacfbbdf69eba60e3e7c227
- https://git.kernel.org/stable/c/b48aa991758999d4e8f9296c5bbe388f293ef465