CVE-2024-56567

low-risk

Published 2024-12-27

In the Linux kernel, the following vulnerability has been resolved: ad7780: fix division by zero in ad7780_write_raw() In the ad7780_write_raw() , val2 can be zero, which might lead to a division by zero error in DIV_ROUND_CLOSEST(). The ad7780_write_raw() is based on iio_info's write_raw. While val is explicitly declared that can be zero (in read mode), val2 is not specified to be non-zero.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (9)

Patch https://git.kernel.org/stable/c/022e13518ba6cc1b4fdd291f49e4f57b2d5718e0

Patch https://git.kernel.org/stable/c/18fb33df1de83a014d7f784089f9b124facc157f

Patch https://git.kernel.org/stable/c/68e79b848196a0b0ec006009cc69da1f835d1ae8

Patch https://git.kernel.org/stable/c/7e3a8ea3d1ada7f707de5d9d504774b4191eab66

Patch https://git.kernel.org/stable/c/afc1e3c00b3f5f0b4f1bc3e974fb9803cb938a90

Patch https://git.kernel.org/stable/c/c174b53e95adf2eece2afc56cd9798374919f99a

Patch https://git.kernel.org/stable/c/f25a9f1df1f6738acf1fa05595fb6060a2c08ff1

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal