Linux · Linux Kernel · CVE-2020-36776
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A slab out-of-bounds issue was found in the Linux kernel, specifically in the `thermal/drivers/cpufreq cooling` module. This issue is scanned by KASAN in `cpu power to freq()`. If power is limited below the power of OPP0 in the EM table, it will cause a slab out-of-bound issue with a negative array index. The issue is fixed by returning the lowest frequency if limited power cannot find a suitable OPP in the EM table.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.