Description

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as indexes into a small stack-based array and as inputs to copy_to_user() after they are subject to bounds checks. Use array_index_nospec() after the bounds checks to clamp these values for speculative execution.

INFO

Published Date :

2024-09-18T07:12:31.782Z

Last Modified :

2026-01-05T10:53:16.484Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-46774 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-46774.

URL Resource
https://git.kernel.org/stable/c/0974d03eb479384466d828d65637814bee6b26d7 cve-icon cve-icon
https://git.kernel.org/stable/c/1f1feff02e9da0dd0cdb195c428c42b5f9b6c771 cve-icon cve-icon
https://git.kernel.org/stable/c/68d8156480940b79227d58865ec5d2947b9384a8 cve-icon cve-icon
https://git.kernel.org/stable/c/a262c2dc833f2fe1bd5c53a4d899e7077d3b1da9 cve-icon cve-icon
https://git.kernel.org/stable/c/b137af795399d8b657bad1646c18561530f35ed1 cve-icon cve-icon
https://git.kernel.org/stable/c/d2834ff1d9641a8695a09ea79cd901c7b6d4d05f cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024091847-CVE-2024-46774-48d9@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-46774 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-46774 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact