CVE-2024-56739

MEDIUM EPSS 13.4%
Published Dec 29, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Dec 29, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtc_tm_to_ktime later, the result may be a very large value (possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue, they will continually expire, may causing kernel softlockup.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-908

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥2.6.38  –  <4.19.325
linuxlinux_kernel*≥4.20  –  <5.4.287
linuxlinux_kernel*≥5.5  –  <5.10.231
linuxlinux_kernel*≥5.11  –  <5.15.174
linuxlinux_kernel*≥5.16  –  <6.1.120
linuxlinux_kernel*≥6.2  –  <6.6.64
linuxlinux_kernel*≥6.7  –  <6.11.11
linuxlinux_kernel*≥6.12  –  <6.12.2

References 11

  • git.kernel.org https://git.kernel.org/stable/c/0d68e8514d9040108ff7d1b37ca71096674b6efe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/246f621d363988e7040f4546d20203dc713fa3e1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/39ad0a1ae17b54509cd9e93dcd8cec16e7c12d3f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/44b3257ff705d63d5f00ef8ed314a0eeb7ec37f2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a1f0b4af90cc18b10261ecde56c6a56b22c75bd1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dd4b1cbcc916fad5d10c2662b62def9f05e453d4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e77bce0a8c3989b4173c36f4195122bca8f4a3e1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e8ba8a2bc4f60a1065f23d6a0e7cbea945a0f40d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fde56535505dde3336df438e949ef4742b6d6d6e
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0d68e8514d9040108ff7d1b37ca71096674b6efe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/246f621d363988e7040f4546d20203dc713fa3e1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/39ad0a1ae17b54509cd9e93dcd8cec16e7c12d3f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/44b3257ff705d63d5f00ef8ed314a0eeb7ec37f2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a1f0b4af90cc18b10261ecde56c6a56b22c75bd1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dd4b1cbcc916fad5d10c2662b62def9f05e453d4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e77bce0a8c3989b4173c36f4195122bca8f4a3e1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e8ba8a2bc4f60a1065f23d6a0e7cbea945a0f40d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fde56535505dde3336df438e949ef4742b6d6d6e
    Patch