{"id":"AZL-74450","summary":"CVE-2025-68777 affecting package kernel for versions less than 6.6.121.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nInput: ti_am335x_tsc - fix off-by-one error in wire_order validation\n\nThe current validation 'wire_order[i] \u003e ARRAY_SIZE(config_pins)' allows\nwire_order[i] to equal ARRAY_SIZE(config_pins), which causes out-of-bounds\naccess when used as index in 'config_pins[wire_order[i]]'.\n\nSince config_pins has 4 elements (indices 0-3), the valid range for\nwire_order should be 0-3. Fix the off-by-one error by using \u003e= instead\nof \u003e in the validation check.","modified":"2026-04-01T05:22:43.122153Z","published":"2026-01-13T16:15:57Z","upstream":["CVE-2025-68777"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68777"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.121.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-74450.json"}}],"schema_version":"1.7.5"}