medium
5.5
CWE
129
Advisory Published
CVE Published
Updated

CVE-2024-26969: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays

First published: Wed May 01 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). Only compile tested.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux kernel>=4.16<4.19.312
Linux kernel>=4.20<5.4.274
Linux kernel>=5.5<5.10.215
Linux kernel>=5.11<5.15.154
Linux kernel>=5.16<6.1.84
Linux kernel>=6.2<6.6.24
Linux kernel>=6.7<6.7.12
Linux kernel>=6.8<6.8.3
Debian=10.0
debian/linux
5.10.223-1
5.10.234-1
6.1.123-1
6.1.128-1
6.12.12-1
6.12.17-1

Remedy

https://git.kernel.org/stable/c/1040ef5ed95d6fd2628bad387d78a61633e09429

Remedy

https://git.kernel.org/stable/c/83fe1bbd9e259ad109827ccfbfc2488e0dea8e94

Remedy

https://git.kernel.org/stable/c/851cc19bdb02556fb13629b3e4fef6f2bdb038fe

Remedy

https://git.kernel.org/stable/c/9de184d4e557d550fb0b7b833b676bda4f269e4f

Remedy

https://git.kernel.org/stable/c/b6b31b4c67ea6bd9222e5b73b330554c57f2f90d

Remedy

https://git.kernel.org/stable/c/be9e2752d823eca1d5af67014a1844a9176ff566

Remedy

https://git.kernel.org/stable/c/dd92b159c506804ac57adf3742d9728298bb1255

Remedy

https://git.kernel.org/stable/c/e117c6e2d1617520f5f7d7f6f6b395f01d8b5a27

Remedy

https://git.kernel.org/stable/c/fc3ac2fcd0a7fad63eba1b359490a4b81720d0f9

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-26969?

    CVE-2024-26969 has been classified as a low-severity vulnerability affecting the Linux kernel.

  • How do I fix CVE-2024-26969?

    To remediate CVE-2024-26969, update your Linux kernel to the specified fixed versions such as 5.10.223-1, 6.1.123-1, or higher.

  • Which systems are affected by CVE-2024-26969?

    CVE-2024-26969 affects various versions of the Linux kernel including versions between 4.16 to 6.8, and also Debian Linux 10.0.

  • What is the cause of CVE-2024-26969?

    CVE-2024-26969 is caused by missing termination entries in frequency table arrays in the Linux kernel's clock management.

  • Is CVE-2024-26969 reversible once mitigated?

    Once mitigated by updating the kernel, CVE-2024-26969 cannot be reversed without reverting to an older kernel version without the fix.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203