CVE-2024-50291

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: dvb-core: add missing buffer index check

dvb_vb2_expbuf() didn't check if the given buffer index was for a valid buffer. Add this check.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7dc866df40127dceac9ba83ae16c0c11e7d1666f < 721c37af0355cc0b540909c57fd7930dc99c72d8affected
LinuxLinux7dc866df40127dceac9ba83ae16c0c11e7d1666f < fa88dc7db176c79b50adb132a56120a1d4d9d18baffected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.11.8 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References