CVE-2024-26664

hwmon: (coretemp) Fix out-of-bounds memory access

References

https://cve.org/CVERecord/?id=CVE-2024-26664

Notes

 carnil> Introduced in 7108b80a542b ("hwmon/coretemp: Handle large core ID value").
 carnil> Vulnerable versions: 4.19.264 5.4.221 5.10.152 5.15.76 6.0.6 6.1-rc2.

Bugs

Status

Branch	Status
4.19-buster-security	needed
4.19-upstream-stable	released (4.19.307) [93f0f4e846fcb682c3ec436e3b2e30e5a3a8ee6a]
5.10-bullseye-security	released (5.10.216-1)
5.10-upstream-stable	released (5.10.210) [f0da068c75c20ffc5ba28243ff577531dc2af1fd]
6.1-bookworm-security	released (6.1.82-1)
6.1-upstream-stable	released (6.1.78) [9bce69419271eb8b2b3ab467387cb59c99d80deb]
6.6-upstream-stable	released (6.6.17) [853a6503c586a71abf27e60a7f8c4fb28092976d]
6.8-upstream-stable	N/A "Fixed before branching point"
sid	released (6.7.7-1)
upstream	released (6.8-rc4) [4e440abc894585a34c2904a32cd54af1742311b3]