CVE-2024-47663

staging: iio: frequency: ad9834: Validate frequency parameter value

Description

In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9834: Validate frequency parameter value In ad9834_write_frequency() clk_get_rate() can return 0. In such case ad9834_calc_freqreg() call will lead to division by zero. Checking 'if (fout > (clk_freq / 2))' doesn't protect in case of 'fout' is 0. ad9834_write_frequency() is called from ad9834_write(), where fout is taken from text buffer, which can contain any value. Modify parameters checking. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/5edc3a45ef428501000a7b23d0e1777a548907f6
https://git.kernel.org/stable/c/0e727707a239d5c519fc9abc2f0fd913516a7e47 patch
https://git.kernel.org/stable/c/41cc91e3138fe52f8da92a81bebcd0e6cf488c53 patch
https://git.kernel.org/stable/c/d8b09a5edc4a634373158c1a405491de3c52e58a patch
https://git.kernel.org/stable/c/3ba9abfcaa9e16bb91ed7e0e2b42e94a157a953e patch
https://git.kernel.org/stable/c/dc12e49f970b08d8b007b8981b97e2eb93c0e89d patch
https://git.kernel.org/stable/c/8961b245e8f92bccbaacfbbdf69eba60e3e7c227 patch
https://git.kernel.org/stable/c/b48aa991758999d4e8f9296c5bbe388f293ef465 patch

Frequently Asked Questions

What is the severity of CVE-2024-47663?
CVE-2024-47663 has been scored as a medium severity vulnerability.
How to fix CVE-2024-47663?
To fix CVE-2024-47663, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-47663 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-47663 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-47663?
CVE-2024-47663 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.