CVE-2024-35830

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: tc358743: register v4l2 async device only after successful setup

Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < 17c2650de14842c25c569cbb2126c421489a3a24affected
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < daf21394f9898fb9f0698c3e50de08132d2164e6affected
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < 610f20e5cf35ca9c0992693cae0dd8643ce932e7affected
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < b8505a1aee8f1edc9d16d72ae09c93de086e2a1aaffected
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < 8ba8db9786b55047df5ad3db3e01dd886687a77daffected
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < edbb3226c985469a2f8eb69885055c9f5550f468affected
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < c915c46a25c3efb084c4f5e69a053d7f7a635496affected
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < 4f1490a5d7a0472ee5d9f36547bc4ba46be755c7affected
LinuxLinux4c5211a100399c3823563193dd881dcb3b7d24fc < 87399f1ff92203d65f1febf5919429f4bb613a02affected
LinuxLinux4.3affected
LinuxLinux0 < 4.3unaffected
LinuxLinux4.19.311 <= 4.19.*unaffected
LinuxLinux5.4.273 <= 5.4.*unaffected
LinuxLinux5.10.214 <= 5.10.*unaffected
LinuxLinux5.15.153 <= 5.15.*unaffected
LinuxLinux6.1.83 <= 6.1.*unaffected
LinuxLinux6.6.23 <= 6.6.*unaffected
LinuxLinux6.7.11 <= 6.7.*unaffected
LinuxLinux6.8.2 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References