CVE-2024-35922

fbmon: prevent division by zero in fb_videomode_from_videomode()

Description

In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fb_var_to_videomode(). Found by Linux Verification Center (linuxtesting.org) with Svace.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.05%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/1fb52bc1de55e9e0bdf71fe078efd4da0889710f patch
https://git.kernel.org/stable/c/72d091b7515e0532ee015e144c906f3bcfdd6270 patch
https://git.kernel.org/stable/c/951838fee462aa01fa2a6a91d56f9a495082e7f0 patch
https://git.kernel.org/stable/c/48d6bcfc31751ca2e753d901a2d82f27edf8a029 patch
https://git.kernel.org/stable/c/664206ff8b019bcd1e55b10b2eea3add8761b971 patch
https://git.kernel.org/stable/c/3d4b909704bf2114f64f87363fa22b5ef8ac4a33 patch
https://git.kernel.org/stable/c/1b107d637fed68a787da77a3514ad06e57abd0b4 patch
https://git.kernel.org/stable/c/c2d953276b8b27459baed1277a4fdd5dd9bd4126 patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html mailing list
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html mailing list

Frequently Asked Questions

What is the severity of CVE-2024-35922?
CVE-2024-35922 has been scored as a medium severity vulnerability.
How to fix CVE-2024-35922?
To fix CVE-2024-35922, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-35922 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-35922 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-35922?
CVE-2024-35922 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.