Linux Kernel OPP Buffer Overflow Vulnerability in Frequency Index Handling

Vulnerability

A buffer overflow vulnerability has been addressed in the Linux kernel's OPP (Operating Performance Points) management. The issue arose in the '_read_freq()' function, where the frequency index was not properly validated before being used. This lack of validation could lead to reading a frequency value outside the bounds of the 'opp->rates[]' array, particularly when the indexed variants of frequency lookup functions were used. The vulnerability has been mitigated by adding an index check to the assert function, ensuring that the frequency index is valid before accessing the array.

Impact

Exploitation of this vulnerability could lead to a buffer overflow, potentially allowing for arbitrary code execution or causing a denial-of-service condition by crashing the system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel OPP Buffer Overflow Vulnerability in Frequency Index Handling

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating