CVE-2024-43852

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-193
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order conditions to fix off by one bug LTC2991_T_INT_CH_NR is 4. The st->temp_en[] array has LTC2991_MAX_CHANNEL (4) elements. Thus if "channel" is equal to LTC2991_T_INT_CH_NR then we have read one element beyond the end of the array. Flip the conditions around so that we check if "channel" is valid before using it as an array index.

Related Vulnerabilities

CVE-2002-0653

HIGH
CVSS:7.8(High)

Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the ...

CWE-1932002

CVE-2002-0844

HIGH
CVSS:7.8(High)

Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.

CWE-1932002

CVE-2004-0346

HIGH
CVSS:7.8(High)

Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command.

CWE-1932004

CVE-2010-5331

HIGH
CVSS:7.8(High)

In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this ...

CWE-1932010

CVE-2017-9720

HIGH
CVSS:7.8(High)

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur.

CWE-1932017

CVE-2019-13305

HIGH
CVSS:7.8(High)

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.

CWE-1932019