CVE-2024-47686 in Linux
Summary
by MITRE • 10/21/2024
In the Linux kernel, the following vulnerability has been resolved:
ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate()
The psc->div[] array has psc->num_div elements. These values come from when we call clk_hw_register_div(). It's adc_divisors and ARRAY_SIZE(adc_divisors) and so on. So this condition needs to be >= instead of > to prevent an out of bounds read.
Analysis
by VulDB Data Team • 01/19/2026
The vulnerability CVE-2024-47686 represents a critical memory access issue within the Linux kernel's ep93xx clock driver implementation. This flaw exists in the ep93xx_div_recalc_rate() function where an off-by-one error occurs during array boundary checking. The affected code operates on the psc->div[] array which contains psc->num_div elements, with these values being populated through clk_hw_register_div() calls that utilize adc_divisors and ARRAY_SIZE(adc_divisors) parameters. The improper comparison operator in the conditional statement causes the code to attempt reading beyond the allocated array bounds, creating a potential security risk that could be exploited to compromise system integrity.
This memory corruption vulnerability falls under the CWE-129 category of "Improper Validation of Array Index" and represents a classic buffer overread condition that can lead to arbitrary code execution or system instability. The flaw specifically impacts the ep93xx platform clock management subsystem, which is responsible for handling clock rate calculations and division operations for various peripheral components. When the ep93xx_div_recalc_rate() function processes clock divisor values, it fails to properly validate array indices against the actual array size, creating an exploitable condition that could allow malicious actors to access memory locations outside the intended array boundaries.
The operational impact of this vulnerability extends beyond simple memory corruption, as it can potentially enable privilege escalation attacks through the exploitation of kernel memory access violations. According to ATT&CK framework techniques, this vulnerability aligns with T1068 (Exploitation for Privilege Escalation) and T1547.001 (Registry Run Keys/Startup Folder) as attackers could leverage the memory corruption to gain elevated privileges within the kernel space. The vulnerability affects systems running Linux kernels with the ep93xx clock driver implementation, particularly embedded systems and devices that utilize the ep93xx platform architecture for clock management and peripheral control.
Mitigation strategies for CVE-2024-47686 should prioritize applying the official kernel patch that corrects the comparison operator from > to >= in the ep93xx_div_recalc_rate() function. This fix ensures proper array boundary validation before memory access operations occur. System administrators should also implement monitoring for anomalous kernel memory access patterns and consider deploying kernel hardening techniques such as stack canaries and kernel address space layout randomization. Additionally, organizations should conduct vulnerability assessments to identify systems running affected kernel versions and ensure proper patch management protocols are in place to prevent exploitation attempts targeting this specific memory corruption flaw.
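The boundary case behind the change from > to >=, as an added userspace model; it is not the kernel driver's code and not from the original page. The struct, function names, divisor values, sentinel byte, return value on rejection and the plain division are assumptions made for illustration.

```c
#include <stdio.h>

/* Userspace model. Only div, num_div and adc_divisors echo names from the
 * page; every other identifier and all values are constructed. */
struct psc_model {
    const unsigned char *div;   /* divisor table, like psc->div[] */
    unsigned int num_div;       /* valid entries, like psc->num_div */
};

/* Two divisors followed by a sentinel standing in for whatever sits after
 * the table in memory. One backing array keeps the off-by-one read
 * well-defined in this model; in the driver it leaves the object. */
static const unsigned char adc_divisors[] = { 16, 4, 0xAA };
#define ADC_NUM_DIV 2u          /* the sentinel is not a table entry */

static const struct psc_model adc_psc = { adc_divisors, ADC_NUM_DIV };

/* Before the fix: '>' still accepts index == num_div. */
static unsigned long recalc_rate_before(const struct psc_model *psc,
                                        unsigned int index,
                                        unsigned long parent_rate)
{
    if (index > psc->num_div)
        return 0;               /* assumed rejection value */
    return parent_rate / psc->div[index];   /* simplified rate math */
}

/* After the fix: '>=' accepts only 0 .. num_div - 1. */
static unsigned long recalc_rate_after(const struct psc_model *psc,
                                       unsigned int index,
                                       unsigned long parent_rate)
{
    if (index >= psc->num_div)
        return 0;
    return parent_rate / psc->div[index];
}

int main(void)
{
    /* Walk one index past the table; index 2 is the boundary case. */
    for (unsigned int i = 0; i <= 3; i++)
        printf("index %u: before=%lu after=%lu\n", i,
               recalc_rate_before(&adc_psc, i, 1600UL),
               recalc_rate_after(&adc_psc, i, 1600UL));
    return 0;
}
```

Only index 2 separates the two checks: the old comparison returns a rate derived from the sentinel byte, while the corrected one rejects the index.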