vulnerability

Debian: CVE-2021-47098: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	2024-03-04	2024-07-30	2025-02-20

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

2024-03-04

Added

2024-07-30

Modified

2025-02-20

Description

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations

Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of
temperature calculations") addressed a number of underflow situations
when writing temperature limits. However, it missed one situation, seen
when an attempt is made to set the hysteresis value to MAX_LONG and the
critical temperature limit is negative.

Use clamp_val() when setting the hysteresis temperature to ensure that
the provided value can never overflow or underflow.

Solution

debian-upgrade-linux

References

CVE-2021-47098
https://attackerkb.com/topics/CVE-2021-47098

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today