CVE-2024-35830
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: tc358743: register v4l2 async device only after successful setup
Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < 17c2650de14842c25c569cbb2126c421489a3a24 | affected |
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < daf21394f9898fb9f0698c3e50de08132d2164e6 | affected |
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < 610f20e5cf35ca9c0992693cae0dd8643ce932e7 | affected |
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < b8505a1aee8f1edc9d16d72ae09c93de086e2a1a | affected |
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < 8ba8db9786b55047df5ad3db3e01dd886687a77d | affected |
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < edbb3226c985469a2f8eb69885055c9f5550f468 | affected |
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < c915c46a25c3efb084c4f5e69a053d7f7a635496 | affected |
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < 4f1490a5d7a0472ee5d9f36547bc4ba46be755c7 | affected |
| Linux | Linux | 4c5211a100399c3823563193dd881dcb3b7d24fc < 87399f1ff92203d65f1febf5919429f4bb613a02 | affected |
| Linux | Linux | 4.3 | affected |
| Linux | Linux | 0 < 4.3 | unaffected |
| Linux | Linux | 4.19.311 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.273 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.214 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.153 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.83 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.23 <= 6.6.* | unaffected |
| Linux | Linux | 6.7.11 <= 6.7.* | unaffected |
| Linux | Linux | 6.8.2 <= 6.8.* | unaffected |
| Linux | Linux | 6.9 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/17c2650de14842c25c569cbb2126c421489a3a24
- https://git.kernel.org/stable/c/daf21394f9898fb9f0698c3e50de08132d2164e6
- https://git.kernel.org/stable/c/610f20e5cf35ca9c0992693cae0dd8643ce932e7
- https://git.kernel.org/stable/c/b8505a1aee8f1edc9d16d72ae09c93de086e2a1a
- https://git.kernel.org/stable/c/8ba8db9786b55047df5ad3db3e01dd886687a77d
- https://git.kernel.org/stable/c/edbb3226c985469a2f8eb69885055c9f5550f468
- https://git.kernel.org/stable/c/c915c46a25c3efb084c4f5e69a053d7f7a635496
- https://git.kernel.org/stable/c/4f1490a5d7a0472ee5d9f36547bc4ba46be755c7
- https://git.kernel.org/stable/c/87399f1ff92203d65f1febf5919429f4bb613a02
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/17c2650de14842c25c569cbb2126c421489a3a24
- https://git.kernel.org/stable/c/daf21394f9898fb9f0698c3e50de08132d2164e6
- https://git.kernel.org/stable/c/610f20e5cf35ca9c0992693cae0dd8643ce932e7
- https://git.kernel.org/stable/c/b8505a1aee8f1edc9d16d72ae09c93de086e2a1a
- https://git.kernel.org/stable/c/8ba8db9786b55047df5ad3db3e01dd886687a77d
- https://git.kernel.org/stable/c/edbb3226c985469a2f8eb69885055c9f5550f468
- https://git.kernel.org/stable/c/c915c46a25c3efb084c4f5e69a053d7f7a635496
- https://git.kernel.org/stable/c/4f1490a5d7a0472ee5d9f36547bc4ba46be755c7
- https://git.kernel.org/stable/c/87399f1ff92203d65f1febf5919429f4bb613a02
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.