Linux Kernel macsmc-hwmon Driver Vulnerability in Apple Silicon

A vulnerability in the Linux kernel's macsmc-hwmon driver for Apple Silicon has been addressed. The driver had critical flaws in its sensor population logic and float conversion processes. Specifically, the voltage sensor loop used an incorrect prefix and misallocated sensors to the temperature array, potentially causing out-of-bounds memory access or data corruption. Additionally, the float conversion function had erroneous logic for certain values and failed to properly mask the mantissa, leading to incorrect data being sent to the System Management Controller (SMC). These issues could disrupt proper sensor registration and manual fan control.

Impact

The vulnerability could cause out-of-bounds memory access or data corruption when both temperature and voltage sensors were present, leading to incorrect values being written to the SMC.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel official website.