LiveActive security incident?Get immediate response
CVE Record

CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes

In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

CVE-2024-46759 is a Linux kernel bug in the adc128d818 hardware-monitoring driver. A specially large negative value written to certain limit attributes can trigger an arithmetic underflow. The sources show a kernel fix, but do not provide CVSS, proven impact, or active exploitation evidence.

Executive priority

Treat as routine kernel maintenance unless you operate systems with this sensor driver exposed to untrusted local users or appliance workloads. Prioritize through normal patch cycles, with faster action for multi-tenant Linux hosts, embedded devices, or regulated operational environments.

Technical view

The flaw is in hwmon adc128d818 limit attribute handling. After kstrtol(), DIV_ROUND_CLOSEST() could underflow for values such as the minimum signed long. The fix reorders clamp_val() before division. Affected Linux versions are listed from 3.15 through specific stable branches; fixed stable commits are referenced.

Likely exposure

Exposure appears limited to Linux systems using the adc128d818 hwmon driver where a local user or process can write the relevant sysfs limit attributes. Network-only exposure is not supported by the provided sources. Embedded, appliance, or industrial products should be checked against vendor advisories.

Exploitation context

The CVE is not listed as KEV, and the provided sources do not claim active exploitation or public exploit use. The source evidence describes a local input-handling underflow in a kernel driver, not a remotely reachable service issue.

Researcher notes

The provided record lacks CVSS, CWE, exploitability detail, and concrete impact beyond underflow during limit writes. Analysis should focus on affected driver reachability, local write permissions, fixed commit presence, and downstream vendor backports rather than assuming privilege escalation or remote attack paths.

Mitigation direction

  • Update to a kernel containing the referenced stable fixes.
  • Apply Debian LTS kernel updates where those advisories match your fleet.
  • Check hardware and kernel configs for adc128d818 driver usage.
  • Restrict write access to hwmon sysfs attributes to trusted administrators.
  • For appliances, follow the relevant vendor security advisory.

Validation and detection

  • Inventory hosts running affected Linux kernel branches or vendor kernels.
  • Confirm whether the adc128d818 module or hardware is present.
  • Verify installed kernel packages include the referenced stable fix.
  • Review sysfs permissions for writable hwmon limit attributes.
  • Check Debian or device-vendor advisories for shipped kernel status.
Prepared
Confidence
medium
Sources
10

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2024-46759 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
3ADP providers
13Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CISA-ADPCISA ADP Vulnrichment
other:ssvc
CVECVE Program Container
siemens-SADPADP container
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinuxb4c9c1a7987ef07d8345bf9d19f36d97423b6b25, b4c9c1a7987ef07d8345bf9d19f36d97423b6b25, b4c9c1a7987ef07d8345bf9d19f36d97423b6b25, b4c9c1a7987ef07d8345bf9d19f36d97423b6b25, b4c9c1a7987ef07d8345bf9d19f36d97423b6b25, b4c9c1a7987ef07d8345bf9d19f36d97423b6b25, b4c9c1a7987ef07d8345bf9d19f36d97423b6b25, b4c9c1a7987ef07d8345bf9d19f36d97423b6b25unaffected
LinuxLinux3.15, 0, 4.19.322, 5.4.284, 5.10.226, 5.15.167, 6.1.110, 6.6.51, 6.10.10, 6.11affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.