CVE-2024-39481

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: mc: Fix graph walk in media_pipeline_start

The graph walk tries to follow all links, even if they are not between pads. This causes a crash with, e.g. a MEDIA_LNK_FL_ANCILLARY_LINK link.

Fix this by allowing the walk to proceed only for MEDIA_LNK_FL_DATA_LINK links.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxae219872834a32da88408a92a4b4745c11f5a7ce < 788fd0f11e45ae8d3a8ebbd3452a6e83f92db376affected
LinuxLinuxae219872834a32da88408a92a4b4745c11f5a7ce < e80d9db99b7b6c697d8d952dfd25c3425cf61499affected
LinuxLinuxae219872834a32da88408a92a4b4745c11f5a7ce < bee9440bc0b6b3b7432f7bfde28656262a3484a2affected
LinuxLinuxae219872834a32da88408a92a4b4745c11f5a7ce < 8a9d420149c477e7c97fbd6453704e4612bdd3faaffected
LinuxLinux6.1affected
LinuxLinux0 < 6.1unaffected
LinuxLinux6.1.94 <= 6.1.*unaffected
LinuxLinux6.6.34 <= 6.6.*unaffected
LinuxLinux6.9.5 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References