Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:arm64: topology: fix possible overflow in amu_fie_setup()cpufreq_get_hw_max_freq() returns max frequency in kHz as *unsigned int*,while freq_inv_set_max_ratio() gets passed this frequency in Hz as 'u64'.Multiplying max frequency by 1000 can potentially result in overflow --multiplying by 1000ULL instead should avoid that...Found by Linux Verification Center (linuxtesting.org) with the SVACE staticanalysis tool.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds