CVE-2024-46774
Published: Sep 18, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as indexes into a small stack-based array and as inputs to copy_to_user() after they are subject to bounds checks. Use array_index_nospec() after the bounds checks to clamp these values for speculative execution.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < d2834ff1d9641a8695a09ea79cd901c7b6d4d05faffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < a262c2dc833f2fe1bd5c53a4d899e7077d3b1da9affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < b137af795399d8b657bad1646c18561530f35ed1affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 1f1feff02e9da0dd0cdb195c428c42b5f9b6c771affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 68d8156480940b79227d58865ec5d2947b9384a8+1 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.10.237 - <= 5.10.*unaffected 5.15.181 - <= 5.15.*unaffected 6.1.135 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now