CVE-2024-39485

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: v4l: async: Properly re-initialise notifier entry in unregister

The notifier_entry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use list_del_init() to return the notifier_entry an empty list.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb8ec754ae4c563f6aab8c0cb47aeb2eae67f1da3 < 87100b09246202a91fce4a1562955c32229173bbaffected
LinuxLinuxb8ec754ae4c563f6aab8c0cb47aeb2eae67f1da3 < 1aa6cd4adfc0380fa1ccc2f146848940ff882a66affected
LinuxLinuxb8ec754ae4c563f6aab8c0cb47aeb2eae67f1da3 < 9537a8425a7a0222999d5839a0b394b1e8834b4aaffected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux6.6.34 <= 6.6.*unaffected
LinuxLinux6.9.5 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References