CVE-2024-43900

🗓️ 26 Aug 2024 10:10:58Reported by LinuxType

Linux kernel vulnerability resolved in media driver with use-after-free in load_firmware_cb()

Reporter	Title	Published	Views	Family All 301
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
AstraLinux	Astra Linux - уязвимость в linux-6.1, linux, linux-5.15	3 May 202623:59	–	astralinux
Circl	CVE-2024-43900	26 Aug 202413:42	–	circl
CNNVD	Linux kernel 安全漏洞	26 Aug 202400:00	–	cnnvd
Cvelist	CVE-2024-43900 media: xc2028: avoid use-after-free in load_firmware_cb()	26 Aug 202410:10	–	cvelist
Debian	[SECURITY] [DLA 4008-1] linux-6.1 security update	3 Jan 202500:41	–	debian
Debian CVE	CVE-2024-43900	26 Aug 202410:10	–	debiancve
Tenable Nessus	Debian dla-4008 : linux-config-6.1 - security update	3 Jan 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2832)	8 Nov 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-2907)	8 Nov 202400:00	–	nessus

NVD

Vulners

CNA

Node

linux linux_kernelRange<6.1.105

linux linux_kernelRange6.2–6.6.46

linux linux_kernelRange6.7–6.10.5

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/media/tuners/xc2028.c"
    ],
    "versions": [
      {
        "version": "61a96113de51e1f8f43ac98cbeadb54e60045905",
        "lessThan": "ef517bdfc01818419f7bd426969a0c86b14f3e0e",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "61a96113de51e1f8f43ac98cbeadb54e60045905",
        "lessThan": "850304152d367f104d21c77cfbcc05806504218b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "61a96113de51e1f8f43ac98cbeadb54e60045905",
        "lessThan": "208deb6d8c3cb8c3acb1f41eb31cf68ea08726d5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "61a96113de51e1f8f43ac98cbeadb54e60045905",
        "lessThan": "68594cec291ff9523b9feb3f43fd853dcddd1f60",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/media/tuners/xc2028.c"
    ],
    "versions": [
      {
        "version": "3.6",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "3.6",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.105",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.46",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.10.5",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/68594cec291ff9523b9feb3f43fd853dcddd1f60
git	www.git.kernel.org/stable/c/ef517bdfc01818419f7bd426969a0c86b14f3e0e
git	www.git.kernel.org/stable/c/850304152d367f104d21c77cfbcc05806504218b
git	www.git.kernel.org/stable/c/208deb6d8c3cb8c3acb1f41eb31cf68ea08726d5
lists	www.lists.debian.org/debian-lts-announce/2025/01/msg00001.html

11 May 2026 20:31Current

7.2High risk

Vulners AI Score7.2

CVSS 3.17.8

EPSS0.00023

SSVC

CWE-416