6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-52459
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is alrea...
AZL-48030 CVE-2024-43833 affecting package kernel for versions less than 6.6.47.1-1
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2asynccreateancillarylinks, ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async...
CVE-2024-43833
The CVE-2024-43833 entry is supported by connected documents (Astra Linux page) with concrete details: In the Linux kernel media stack (V4L), the vulnerability is in v4l2_async_create_ancillary_links(), which creates ancillary links between lens and flash sub-devices. The bug caused a NULL pointe...
UBUNTU-CVE-2024-39485
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...
SUSE CVE-2023-52459
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in the line before. Having a second listdel call results in either a warning with CONFIGDEBUGLIST=y:...
CVE-2023-52459
CVE-2023-52459 concerns the Linux kernel, specifically the media: v4l: async path. The vulnerability is caused by a duplicated list deletion: a second list_del() is performed after the list item was already removed, which can lead to list_del corruption (LIST_POISON) when CONFIG_DEBUG_LIST is ena...