CVE-2024-53061
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: s5p-jpeg: prevent buffer overflows
The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it.
While here, remove an unused word = 0 assignment.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < c5f6fefcda8fac8f082b6c5bf416567f4e100c51 | affected |
| Linux | Linux | 6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < e5117f6e7adcf9fd7546cdd0edc9abe4474bc98b | affected |
| Linux | Linux | 6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < f54e8e1e39dacccebcfb9a9a36f0552a0a97e2ef | affected |
| Linux | Linux | 6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < a930cddfd153b5d4401df0c01effa14c831ff21e | affected |
| Linux | Linux | 6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < c85db2d4432de4ff9d97006691ce2dcb5bda660e | affected |
| Linux | Linux | 6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < 784bc785a453eb2f8433dd62075befdfa1b2d6fd | affected |
| Linux | Linux | 6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < c951a0859fdacf49a2298b5551a7e52b95ff6f51 | affected |
| Linux | Linux | 6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < 14a22762c3daeac59a5a534e124acbb4d7a79b3a | affected |
| Linux | Linux | 4.4 | affected |
| Linux | Linux | 0 < 4.4 | unaffected |
| Linux | Linux | 4.19.324 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.286 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.230 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.172 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.117 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.61 <= 6.6.* | unaffected |
| Linux | Linux | 6.11.8 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
References
- https://git.kernel.org/stable/c/c5f6fefcda8fac8f082b6c5bf416567f4e100c51
- https://git.kernel.org/stable/c/e5117f6e7adcf9fd7546cdd0edc9abe4474bc98b
- https://git.kernel.org/stable/c/f54e8e1e39dacccebcfb9a9a36f0552a0a97e2ef
- https://git.kernel.org/stable/c/a930cddfd153b5d4401df0c01effa14c831ff21e
- https://git.kernel.org/stable/c/c85db2d4432de4ff9d97006691ce2dcb5bda660e
- https://git.kernel.org/stable/c/784bc785a453eb2f8433dd62075befdfa1b2d6fd
- https://git.kernel.org/stable/c/c951a0859fdacf49a2298b5551a7e52b95ff6f51
- https://git.kernel.org/stable/c/14a22762c3daeac59a5a534e124acbb4d7a79b3a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.