First published: Fri Dec 27 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: ad7780: fix division by zero in ad7780_write_raw() In the ad7780_write_raw() , val2 can be zero, which might lead to a division by zero error in DIV_ROUND_CLOSEST(). The ad7780_write_raw() is based on iio_info's write_raw. While val is explicitly declared that can be zero (in read mode), val2 is not specified to be non-zero.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | >=5.2<5.4.287 | |
Linux Kernel | >=5.5<5.10.231 | |
Linux Kernel | >=5.11<5.15.174 | |
Linux Kernel | >=5.16<6.1.120 | |
Linux Kernel | >=6.2<6.6.64 | |
Linux Kernel | >=6.7<6.12.4 | |
debian/linux | <=5.10.223-1 | 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
debian/linux-6.1 | 6.1.129-1~deb11u1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-56567 is classified as a medium severity vulnerability due to the potential for a division by zero error in the Linux kernel.
To remediate CVE-2024-56567, update to a patched version of the Linux kernel, specifically 5.10.234-1, 6.1.128-1, or later.
CVE-2024-56567 affects Linux kernel versions from 5.2 to 6.6, excluding the patched versions.
CVE-2024-56567 specifically impacts the ad7780 driver within the Linux kernel.
CVE-2024-56567 is primarily a local vulnerability, as it requires local access to exploit the division by zero error.