Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2024-39464
HistoryJun 25, 2024 - 3:15 p.m.

CVE-2024-39464

2024-06-2515:15:14
Google
osv.dev
6
cve-2024-39464
media
v4l
async
uninitialized list_head
null-pointer dereference

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

High

EPSS

0

Percentile

5.0%

JSON

In the Linux kernel, the following vulnerability has been resolved:

media: v4l: async: Fix notifier list entry init

struct v4l2_async_notifier has several list_head members, but only
waiting_list and done_list are initialized. notifier_entry was kept
‘zeroed’ leading to an uninitialized list_head.
This results in a NULL-pointer dereference if csi2_async_register() fails,
e.g. node for remote endpoint is disabled, and returns -ENOTCONN.
The following calls to v4l2_async_nf_unregister() results in a NULL
pointer dereference.
Add the missing list head initializer.

Related

vulnrichment 1
debiancve 1
osv 6
redhatcve 1
ubuntucve 1
cvelist 1
nvd 1
cve 1
nessus 7
openvas 9
mageia 2
vulnrichment
vulnrichment
CVE-2024-39464 media: v4l: async: Fix notifier list entry init
2024-06-25 14:25:03
debiancve
debiancve
CVE-2024-39464
2024-06-25 15:15:14
osv
osv
UBUNTU-CVE-2024-39464
2024-06-25 15:15:00
linux-azure vulnerabilities
2024-09-12 13:23:45
linux-nvidia-6.8 vulnerabilities
2024-09-13 11:22:12
redhatcve
redhatcve
CVE-2024-39464
2024-06-25 20:52:01
ubuntucve
ubuntucve
CVE-2024-39464
2024-06-25 00:00:00
cvelist
cvelist
CVE-2024-39464 media: v4l: async: Fix notifier list entry init
2024-06-25 14:25:03
nvd
nvd
CVE-2024-39464
2024-06-25 15:15:14
cve
cve
CVE-2024-39464
2024-06-25 15:15:14
nessus
nessus
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)
2024-09-11 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7004-1)
2024-09-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-07-14 08:23:38
Updated kernel kmod-xtables-addons kmod-virtualbox dwarves packages fix security vulnerabilities
2024-07-13 10:54:44

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

High

EPSS

0

Percentile

5.0%

JSON
Related for OSV:CVE-2024-39464
vulnrichment1debiancve1osv6redhatcve1ubuntucve1cvelist1nvd1cve1nessus7openvas9mageia2