CVE-2024-26965 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays

The frequency table arrays are supposed to be terminated with an
empty element. Add such entry to the end of the arrays where it
is missing in order to avoid possible out-of-bound access when
the table is traversed by functions like qcom_find_freq() or
qcom_find_freq_floor().

Only compile tested.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00046.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-3840-1	linux security update
Debian DLA	DLA-3842-1	linux-5.10 security update
Debian DSA	DSA-5681-1	linux security update
Ubuntu USN	USN-6816-1	Linux kernel vulnerabilities
Ubuntu USN	USN-6817-1	Linux kernel vulnerabilities
Ubuntu USN	USN-6817-2	Linux kernel (OEM) vulnerabilities
Ubuntu USN	USN-6817-3	Linux kernel vulnerabilities
Ubuntu USN	USN-6878-1	Linux kernel (Oracle) vulnerabilities
Ubuntu USN	USN-6896-1	Linux kernel vulnerabilities
Ubuntu USN	USN-6896-2	Linux kernel vulnerabilities
Ubuntu USN	USN-6896-3	Linux kernel vulnerabilities
Ubuntu USN	USN-6896-4	Linux kernel vulnerabilities
Ubuntu USN	USN-6896-5	Linux kernel vulnerabilities
Ubuntu USN	USN-6898-1	Linux kernel vulnerabilities
Ubuntu USN	USN-6898-2	Linux kernel vulnerabilities
Ubuntu USN	USN-6898-3	Linux kernel kernel vulnerabilities
Ubuntu USN	USN-6898-4	Linux kernel vulnerabilities
Ubuntu USN	USN-6917-1	Linux kernel vulnerabilities
Ubuntu USN	USN-6919-1	Linux kernel vulnerabilities
Ubuntu USN	USN-6927-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7019-1	Linux kernel vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/3ff4a0f6a8f0ad4b4ee9e908bdfc3cacb7be4060
https://git.kernel.org/stable/c/537040c257ab4cd0673fbae048f3940c8ea2e589
https://git.kernel.org/stable/c/7e9926fef71e514b4a8ea9d11d5a84d52b181362
https://git.kernel.org/stable/c/86bf75d9158f511db7530bc82a84b19a5134d089
https://git.kernel.org/stable/c/8f562f3b25177c2055b20fd8cf000496f6fa9194
https://git.kernel.org/stable/c/99740c4791dc8019b0d758c5389ca6d1c0604d95
https://git.kernel.org/stable/c/ae99e199037c580b7350bfa3596f447a53bcf01f
https://git.kernel.org/stable/c/ca2cf98d46748373e830a13d85d215d64a2d9bf2
https://git.kernel.org/stable/c/e2c02a85bf53ae86d79b5fccf0a75ac0b78e0c96
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26965-a43f@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26965
https://www.cve.org/CVERecord?id=CVE-2024-26965

History

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Tue, 05 Nov 2024 10:45:00 +0000

Type	Values Removed	Values Added
References	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-01T05:19:32.635Z

Updated: 2025-05-04T09:00:58.832Z

Reserved: 2024-02-19T14:20:24.201Z

Link: CVE-2024-26965

Vulnrichment

Updated: 2024-08-02T00:21:05.666Z

NVD

Status : Awaiting Analysis

Published: 2024-05-01T06:15:12.783

Modified: 2024-11-21T09:03:30.383

Link: CVE-2024-26965

Redhat

Severity : Moderate

Publid Date: 2024-05-01T00:00:00Z

Links: CVE-2024-26965 - Bugzilla

OpenCVE Enrichment

Updated: 2025-07-13T21:07:29Z

Weaknesses

No weakness.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Projects

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object