CVE-2024-50233

staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg()

Description

In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_calc_freqreg(). The check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect against the case when fout is 0. The ad9832_write_frequency() function is called from ad9832_write(), and fout is derived from a text buffer, which can contain any value.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.05%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/fcd6b59f7a774558e2525251c68aa37aff748e55 patch
https://git.kernel.org/stable/c/442f786c5bff8cfd756ebdeaa4aadbf05c22aa5a patch
https://git.kernel.org/stable/c/2f39548f45693d86e950647012a214da6917dc9f patch
https://git.kernel.org/stable/c/ccbc10647aafe2b7506edb4b10e19c6c2416c162 patch
https://git.kernel.org/stable/c/adfbc08b94e7df08b9ed5fa26b969cc1b54c84ec patch
https://git.kernel.org/stable/c/dd9e1cf619c945f320e686dcaf13e37ef0b05fdd patch
https://git.kernel.org/stable/c/6bd301819f8f69331a55ae2336c8b111fc933f3d patch

Frequently Asked Questions

What is the severity of CVE-2024-50233?
CVE-2024-50233 has been scored as a medium severity vulnerability.
How to fix CVE-2024-50233?
To fix CVE-2024-50233, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-50233 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-50233 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-50233?
CVE-2024-50233 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.