5.5

CVE-2024-39485

media: v4l: async: Properly re-initialise notifier entry in unregister

In the Linux kernel, the following vulnerability has been resolved:

media: v4l: async: Properly re-initialise notifier entry in unregister

The notifier_entry of a notifier is not re-initialised after unregistering
the notifier. This leads to dangling pointers being left there so use
list_del_init() to return the notifier_entry an empty list.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 6.6.34
LinuxLinux Kernel Version >= 6.9 < 6.9.5
LinuxLinux Kernel Version6.10.0 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.113
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

https://git.kernel.org/stable/c/1aa6cd4adfc0380fa1ccc2f146848940ff882a66
Patch
Mailing List
https://git.kernel.org/stable/c/87100b09246202a91fce4a1562955c32229173bb
Patch
Mailing List
https://git.kernel.org/stable/c/9537a8425a7a0222999d5839a0b394b1e8834b4a
Patch
Mailing List