摘要:
In the Linux kernel, the following vulnerability has been resolved:arm64: topology: fix possible overflow in amu_fie_setup()cpufreq_get_hw_max_freq() returns max frequency in kHz as *unsigned int*,while freq_inv_set_max_ratio() gets passed this frequency in Hz as u64 .Multiplying max frequency by 1000 can potentially result in overflow --multiplying by 1000ULL instead should avoid that...Found by Linux Verification Center (linuxtesting.org) with the SVACE staticanalysis tool.
安全等级: Low
公告ID: KylinSec-SA-2024-2685
发布日期: 2024年6月13日
关联CVE: CVE-2022-48657
In the Linux kernel, the following vulnerability has been resolved:arm64: topology: fix possible overflow in amu_fie_setup()cpufreq_get_hw_max_freq() returns max frequency in kHz as *unsigned int*,while freq_inv_set_max_ratio() gets passed this frequency in Hz as u64 .Multiplying max frequency by 1000 can potentially result in overflow --multiplying by 1000ULL instead should avoid that...Found by Linux Verification Center (linuxtesting.org) with the SVACE staticanalysis tool.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2022-48657 | KY3.4-5 | kernel | Unaffected |
| CVE-2022-48657 | KY3.5.3 | kernel | Unaffected |
| CVE-2022-48657 | V6 | kernel | Unaffected |
