Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:fbdev: savage: Error out if pixclock equals zeroThe userspace program could pass any values to the driver throughioctl() interface. If the driver doesn't check the value of pixclock,it may cause divide-by-zero error.Although pixclock is checked in savagefb_decode_var(), but it is notchecked properly in savagefb_probe(). Fix this by checking whetherpixclock is zero in the function savagefb_check_var() beforeinfo->var.pixclock is used as the divisor.This is similar to CVE-2022-3061 in i740fb which was fixed bycommit 15cf0b8.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds