CVE-2024-43831

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: mediatek: vcodec: Handle invalid decoder vsi

Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi is valid for future use.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux590577a4e5257ac3ed72999a94666ad6ba8f24bc < dbd3e4adb98e50ede74f00b3fa956fa29ef95e6caffected
LinuxLinux590577a4e5257ac3ed72999a94666ad6ba8f24bc < 1c109f23b271a02b9bb195c173fab41e3285a8dbaffected
LinuxLinux590577a4e5257ac3ed72999a94666ad6ba8f24bc < cdf05ae76198c513836bde4eb55f099c44773280affected
LinuxLinux590577a4e5257ac3ed72999a94666ad6ba8f24bc < 59d438f8e02ca641c58d77e1feffa000ff809e9faffected
LinuxLinux4.10affected
LinuxLinux0 < 4.10unaffected
LinuxLinux6.1.131 <= 6.1.*unaffected
LinuxLinux6.6.44 <= 6.6.*unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References