CVE-2024-53061

Published Nov 19, 2024

Last updated 8 days ago

CVSS high 7.8

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word = 0 assignment.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-191
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-191

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "304E5368-E4DF-4277-9ACF-AB3ADEB91CA4",
            "versionEndExcluding": "4.19.324",
            "versionStartIncluding": "4.4"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9952C897-8A61-4D4B-9D6D-7D063E9EA15E",
            "versionEndExcluding": "5.4.286",
            "versionStartIncluding": "4.20"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF5B32D0-72C9-41C3-A0BB-D4946153C134",
            "versionEndExcluding": "5.10.230",
            "versionStartIncluding": "5.5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88812664-4296-42AC-AE0F-ED71086C1BB1",
            "versionEndExcluding": "5.15.172",
            "versionStartIncluding": "5.11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DD7F755-2F6B-4707-8973-78496AD5AA8E",
            "versionEndExcluding": "6.1.117",
            "versionStartIncluding": "5.16"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "630ED7EB-C97E-4435-B884-1E309E40D6F3",
            "versionEndExcluding": "6.6.61",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BD000F7-3DAD-4DD3-8906-98EA1EC67E95",
            "versionEndExcluding": "6.11.8",
            "versionStartIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References