7.8
HIGH
CVE-2024-46758
Linux Kernel hwmon lm95234 Integer Underflow
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

Sept. 18, 2024, 8:15 a.m.

Last Modified :

Jan. 9, 2025, 4:16 p.m.

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

1.8
Affected Products

The following products are affected by CVE-2024-46758 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-46758 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2024-46758 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jan. 09, 2025

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jan. 09, 2025

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm95234) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations. Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed CVSS V3.1 NIST: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Removed CWE NIST: CWE-191
    Removed CPE Configuration 3174019 Config Identifier: 0, OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 from (excluding) 5.15.167 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (excluding) 4.19.322 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 from (excluding) 6.10.10 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 from (excluding) 6.6.51 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 from (excluding) 6.1.110 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 from (excluding) 5.10.226 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.20 from (excluding) 5.4.284
    Removed Reference kernel.org: https://git.kernel.org/stable/c/0fc27747633aa419f9af40e7bdfa00d2ec94ea81
    Removed Reference kernel.org: https://git.kernel.org/stable/c/16f42953231be1e7be77bc24005270d9e0d9d2ee
    Removed Reference kernel.org: https://git.kernel.org/stable/c/438453dfbbdcf4be26891492644aa3ecbb42c336
    Removed Reference kernel.org: https://git.kernel.org/stable/c/46e4fd338d5bdbaf60e41cda625b24949d2af201
    Removed Reference kernel.org: https://git.kernel.org/stable/c/59c1fb9874a01c9abc49a0a32f192a7e7b4e2650
    Removed Reference kernel.org: https://git.kernel.org/stable/c/93f0f5721d0cca45dac50af1ae6f9a9826c699fd
    Removed Reference kernel.org: https://git.kernel.org/stable/c/af64e3e1537896337405f880c1e9ac1f8c0c6198
    Removed Reference kernel.org: https://git.kernel.org/stable/c/da765bebd90e1b92bdbc3c6a27a3f3cc81529ab6
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/0fc27747633aa419f9af40e7bdfa00d2ec94ea81 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/16f42953231be1e7be77bc24005270d9e0d9d2ee Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/438453dfbbdcf4be26891492644aa3ecbb42c336 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/46e4fd338d5bdbaf60e41cda625b24949d2af201 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/59c1fb9874a01c9abc49a0a32f192a7e7b4e2650 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/93f0f5721d0cca45dac50af1ae6f9a9826c699fd Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/af64e3e1537896337405f880c1e9ac1f8c0c6198 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/da765bebd90e1b92bdbc3c6a27a3f3cc81529ab6 Types: Patch
  • Initial Analysis by [email protected]

    Sep. 23, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://git.kernel.org/stable/c/0fc27747633aa419f9af40e7bdfa00d2ec94ea81 No Types Assigned https://git.kernel.org/stable/c/0fc27747633aa419f9af40e7bdfa00d2ec94ea81 Patch
    Changed Reference Type https://git.kernel.org/stable/c/16f42953231be1e7be77bc24005270d9e0d9d2ee No Types Assigned https://git.kernel.org/stable/c/16f42953231be1e7be77bc24005270d9e0d9d2ee Patch
    Changed Reference Type https://git.kernel.org/stable/c/438453dfbbdcf4be26891492644aa3ecbb42c336 No Types Assigned https://git.kernel.org/stable/c/438453dfbbdcf4be26891492644aa3ecbb42c336 Patch
    Changed Reference Type https://git.kernel.org/stable/c/46e4fd338d5bdbaf60e41cda625b24949d2af201 No Types Assigned https://git.kernel.org/stable/c/46e4fd338d5bdbaf60e41cda625b24949d2af201 Patch
    Changed Reference Type https://git.kernel.org/stable/c/59c1fb9874a01c9abc49a0a32f192a7e7b4e2650 No Types Assigned https://git.kernel.org/stable/c/59c1fb9874a01c9abc49a0a32f192a7e7b4e2650 Patch
    Changed Reference Type https://git.kernel.org/stable/c/93f0f5721d0cca45dac50af1ae6f9a9826c699fd No Types Assigned https://git.kernel.org/stable/c/93f0f5721d0cca45dac50af1ae6f9a9826c699fd Patch
    Changed Reference Type https://git.kernel.org/stable/c/af64e3e1537896337405f880c1e9ac1f8c0c6198 No Types Assigned https://git.kernel.org/stable/c/af64e3e1537896337405f880c1e9ac1f8c0c6198 Patch
    Changed Reference Type https://git.kernel.org/stable/c/da765bebd90e1b92bdbc3c6a27a3f3cc81529ab6 No Types Assigned https://git.kernel.org/stable/c/da765bebd90e1b92bdbc3c6a27a3f3cc81529ab6 Patch
    Added CWE NIST CWE-191
    Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 4.19.322 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.20 up to (excluding) 5.4.284 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.10.226 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.167 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.110 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.6.51 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.10.10
  • CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Sep. 18, 2024

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm95234) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.
    Added Reference kernel.org https://git.kernel.org/stable/c/93f0f5721d0cca45dac50af1ae6f9a9826c699fd [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/438453dfbbdcf4be26891492644aa3ecbb42c336 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/59c1fb9874a01c9abc49a0a32f192a7e7b4e2650 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/0fc27747633aa419f9af40e7bdfa00d2ec94ea81 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/da765bebd90e1b92bdbc3c6a27a3f3cc81529ab6 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/46e4fd338d5bdbaf60e41cda625b24949d2af201 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/16f42953231be1e7be77bc24005270d9e0d9d2ee [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/af64e3e1537896337405f880c1e9ac1f8c0c6198 [No types assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-46758 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-46758 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
:
© cvefeed.io
Latest DB Update: May. 01, 2025 3:21