CVE-2024-27077

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity

The entity->name (i.e. name) is allocated in v4l2_m2m_register_entity but isn't freed in its following error-handling paths. This patch adds such deallocation to prevent memleak of entity->name.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < 3dd8abb0ed0e0a7c66d6d677c86ccb188cc39333affected
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < 0175f2d34c85744f9ad6554f696cf0afb5bd04e4affected
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < afd2a82fe300032f63f8be5d6cd6981e75f8bbf2affected
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < dc866b69cc51af9b8509b4731b8ce2a4950cd0efaffected
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < 0c9550b032de48d6a7fa6a4ddc09699d64d9300daffected
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < 90029b9c979b60de5cb2b70ade4bbf61d561bc5daffected
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < 5dc319cc3c4f7b74f7dfba349aa26f87efb52458affected
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < 9c23ef30e840fedc66948299509f6c2777c9cf4faffected
LinuxLinuxbe2fff656322e82f215730839063c2c2ca73d14b < 8f94b49a5b5d386c038e355bef6347298aabd211affected
LinuxLinux4.19affected
LinuxLinux0 < 4.19unaffected
LinuxLinux4.19.311 <= 4.19.*unaffected
LinuxLinux5.4.273 <= 5.4.*unaffected
LinuxLinux5.10.214 <= 5.10.*unaffected
LinuxLinux5.15.153 <= 5.15.*unaffected
LinuxLinux6.1.83 <= 6.1.*unaffected
LinuxLinux6.6.23 <= 6.6.*unaffected
LinuxLinux6.7.11 <= 6.7.*unaffected
LinuxLinux6.8.2 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

Additional References

References