CVE-2021-46940

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an offset overflow in the index converting function idx to offset() in the Linux kernel's tools/power turbostat. The function returns a 32-bit signed integer, but MSR PKG ENERGY STAT is an unsigned 32-bit integer, which can be interpreted as a negative number. This causes the if (offset < 0) check in update msr sum() to prevent the timer callback from updating the stat in the background when long durations are used. Similar issues exist in offset to idx() and update msr sum(). The issue is fixed by converting the int to off t accordingly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.