Vulnerabilities > CVE-2024-50233 - Divide By Zero vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_calc_freqreg(). The check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect against the case when fout is 0. The ad9832_write_frequency() function is called from ad9832_write(), and fout is derived from a text buffer, which can contain any value.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/fcd6b59f7a774558e2525251c68aa37aff748e55
- https://git.kernel.org/stable/c/442f786c5bff8cfd756ebdeaa4aadbf05c22aa5a
- https://git.kernel.org/stable/c/2f39548f45693d86e950647012a214da6917dc9f
- https://git.kernel.org/stable/c/ccbc10647aafe2b7506edb4b10e19c6c2416c162
- https://git.kernel.org/stable/c/adfbc08b94e7df08b9ed5fa26b969cc1b54c84ec
- https://git.kernel.org/stable/c/dd9e1cf619c945f320e686dcaf13e37ef0b05fdd
- https://git.kernel.org/stable/c/6bd301819f8f69331a55ae2336c8b111fc933f3d