CVE-2024-39485

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-39485
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifier_entry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use list_del_init() to return the notifier_entry an empty list.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/1aa6cd4adfc0380fa1ccc2f146848940ff882a66 Mailing List Patch
https://git.kernel.org/stable/c/87100b09246202a91fce4a1562955c32229173bb Mailing List Patch
https://git.kernel.org/stable/c/9537a8425a7a0222999d5839a0b394b1e8834b4a Mailing List Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*
History

08 Jul 2024, 15:36

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
First Time Linux
Linux linux Kernel
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*
CWE CWE-665
References () https://git.kernel.org/stable/c/1aa6cd4adfc0380fa1ccc2f146848940ff882a66 - () https://git.kernel.org/stable/c/1aa6cd4adfc0380fa1ccc2f146848940ff882a66 - Mailing List, Patch
References () https://git.kernel.org/stable/c/87100b09246202a91fce4a1562955c32229173bb - () https://git.kernel.org/stable/c/87100b09246202a91fce4a1562955c32229173bb - Mailing List, Patch
References () https://git.kernel.org/stable/c/9537a8425a7a0222999d5839a0b394b1e8834b4a - () https://git.kernel.org/stable/c/9537a8425a7a0222999d5839a0b394b1e8834b4a - Mailing List, Patch

05 Jul 2024, 12:55

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: medios: v4l: async: Reinicializar correctamente la entrada del notificador al cancelar el registro Notifier_entry de un notificador no se reinicializa después de cancelar el registro del notificador. Esto lleva a que se dejen punteros colgando allí, así que use list_del_init() para devolver notifier_entry una lista vacía.

05 Jul 2024, 07:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-05 07:15

Updated : 2024-07-08 15:36

NVD link : CVE-2024-39485

Mitre link : CVE-2024-39485

CVE.ORG link : CVE-2024-39485

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-665

Improper Initialization


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024