In the Linux kernel, the following vulnerability has been...
Unreviewed
Published
Apr 3, 2024
to the GitHub Advisory Database
•
Updated Jun 27, 2024
Description
Published by the National Vulnerability Database
Apr 3, 2024
Published to the GitHub Advisory Database
Apr 3, 2024
Last updated
Jun 27, 2024
In the Linux kernel, the following vulnerability has been resolved:
fbdev: sis: Error out if pixclock equals zero
The userspace program could pass any values to the driver through
ioctl() interface. If the driver doesn't check the value of pixclock,
it may cause divide-by-zero error.
In sisfb_check_var(), var->pixclock is used as a divisor to caculate
drate before it is checked against zero. Fix this by checking it
at the beginning.
This is similar to CVE-2022-3061 in i740fb which was fixed by
commit 15cf0b8.
References