CVE-2024-26969 in Linux
Summary
by MITRE • 05/01/2024
In the Linux kernel, the following vulnerability has been resolved:
clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays
The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor().
Only compile tested.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 02/06/2026
The vulnerability identified as CVE-2024-26969 resides within the Linux kernel's clock management subsystem, specifically affecting the Qualcomm GCC (Global Clock Controller) driver for the ipq8074 platform. This issue manifests as a potential out-of-bounds memory access condition that could compromise system stability and security. The flaw occurs in the frequency table array implementation where proper termination elements are missing, creating a scenario where traversal functions may access memory beyond the intended array boundaries.
The technical root cause stems from improper array termination within the clock driver's frequency table implementation. When the kernel attempts to traverse these tables using functions such as qcom_find_freq() or qcom_find_freq_floor(), the absence of a terminating empty element causes the traversal logic to continue beyond the valid array bounds. This memory access violation represents a classic buffer over-read condition that could potentially be exploited to corrupt memory or cause system crashes. The vulnerability aligns with CWE-129, which addresses improper validation of array indices, and CWE-787, concerning out-of-bounds write operations that can lead to memory corruption.
The operational impact of this vulnerability extends beyond simple system instability to potentially enable more serious security consequences. When the affected kernel components attempt to process clock frequency requests, the out-of-bounds access could result in unpredictable behavior including system hangs, kernel panics, or potentially arbitrary code execution if the memory corruption affects critical kernel data structures. The vulnerability affects devices running the Linux kernel with Qualcomm ipq8074 platform support, particularly those implementing clock management functions that rely on the problematic frequency table traversal logic. This makes it relevant to networking equipment, mobile devices, and embedded systems utilizing Qualcomm's ipq8074 SoC architecture.
Mitigation strategies for CVE-2024-26969 focus on applying the official kernel patch that introduces proper array termination elements to all frequency table arrays. System administrators should prioritize updating their kernel versions to include this fix, particularly in production environments where stability and security are paramount. The patch implementation involves adding a terminating empty element to arrays where such termination was previously missing, ensuring that traversal functions like qcom_find_freq() and qcom_find_freq_floor() properly terminate their operations. Organizations should also implement monitoring systems to detect any anomalous behavior that might indicate exploitation attempts, though this specific vulnerability is more likely to manifest as system instability rather than direct exploitation. The fix addresses the underlying issue at the source level, making it compatible with the ATT&CK framework's mitigation strategies for kernel-level vulnerabilities and preventing potential privilege escalation scenarios that could arise from memory corruption exploits.