CVE-2024-53061

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: s5p-jpeg: prevent buffer overflows

The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it.

While here, remove an unused word = 0 assignment.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < c5f6fefcda8fac8f082b6c5bf416567f4e100c51affected
LinuxLinux6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < e5117f6e7adcf9fd7546cdd0edc9abe4474bc98baffected
LinuxLinux6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < f54e8e1e39dacccebcfb9a9a36f0552a0a97e2efaffected
LinuxLinux6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < a930cddfd153b5d4401df0c01effa14c831ff21eaffected
LinuxLinux6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < c85db2d4432de4ff9d97006691ce2dcb5bda660eaffected
LinuxLinux6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < 784bc785a453eb2f8433dd62075befdfa1b2d6fdaffected
LinuxLinux6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < c951a0859fdacf49a2298b5551a7e52b95ff6f51affected
LinuxLinux6c96dbbc2aa9f5b4aed8792989d69eae22bf77c4 < 14a22762c3daeac59a5a534e124acbb4d7a79b3aaffected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux4.19.324 <= 4.19.*unaffected
LinuxLinux5.4.286 <= 5.4.*unaffected
LinuxLinux5.10.230 <= 5.10.*unaffected
LinuxLinux5.15.172 <= 5.15.*unaffected
LinuxLinux6.1.117 <= 6.1.*unaffected
LinuxLinux6.6.61 <= 6.6.*unaffected
LinuxLinux6.11.8 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References