5.5
CVE-2024-47752
- EPSS 0.21%
- Veröffentlicht 21.10.2024 13:15:05
- Zuletzt bearbeitet 22.10.2024 16:11:09
- CVE-Watchlists
- Unerledigt
media: mediatek: vcodec: Fix H264 stateless decoder smatch warning
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning Fix a smatch static checker warning on vdec_h264_req_if.c. Which leads to a kernel crash when fb is NULL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.16 < 6.6.54
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.13
Linux ≫ Linux Kernel Version >= 6.11 < 6.11.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.107 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/18181b0c1c5bd43846e5e0ae3d61a4a1adceab03
https://git.kernel.org/stable/c/7878d3a385efab560dce793b595447867fb163f2
https://git.kernel.org/stable/c/790d1848fac5ac3b1c474f66162598ab07a20c21
https://git.kernel.org/stable/c/c6b9f971b43980de8893610f606d751131fb5d86