The macsmc‑hwmon driver for Apple Silicon introduced a regression in the sensor population logic and in floating‑point conversion to the System Management Controller (SMC). The voltage sensor loop used an incorrect prefix and incorrectly stored voltage sensors in the temperature sensor array, causing out‑of‑bounds memory accesses when both sensor types were present. The float conversion routine also omitted mantissa masking for large exponent values, allowing incorrect data to be written into the SMC. These bugs can corrupt kernel memory or produce invalid fan‑control values, potentially destabilizing the system or enabling privilege escalation if exploited.

The flaw is limited to Linux kernel releases that compile the macsmc-hwmon driver for Apple Silicon. Kernel versions that incorporate the commit references listed in the advisory (including the current mainline and the recent 7.x release candidates) are impacted. Systems that run non‑Apple Silicon hardware or kernels without the macsmc module are not affected.

The CVSS score of 7.8 indicates a moderate to high severity vulnerability, while the EPSS score is reported as less than 1 % and the issue is not listed in CISA’s KEV catalog, suggesting a low but not negligible likelihood of exploitation. Based on the description, it is inferred that the attacker would need the ability to trigger the flawed sensor population or write logic, which likely requires local user access to the hwmon interface or a privileged application that can manipulate sensor readings. Successful exploitation could lead to kernel memory corruption and potential privilege escalation, but would require the attacker to obtain kernel or local access to the hardware monitoring subsystem.