CVE-2024-53081

media: ar0521: don't overflow when checking PLL values

CVSS 5.5 MEDIUMEPSS 0.2%CWE-191

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

19 nov 2024Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ones, as reported by Coverity. Depending on the values of the variables, this may underflow. Fix it ensuring that both sides of the expression are u64.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Productos afectados

Linux · Linux

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://git.kernel.org/stable/c/438d3085ba5b8b5bfa5290faa594e577f6ac9aa7 https://git.kernel.org/stable/c/5e1523076acf95b4ea68d19b6f27e6891267cc24 https://git.kernel.org/stable/c/97ed0c0332d5525653668b31acf62ff1e6b50784 https://git.kernel.org/stable/c/a244b82d0ae60326901f2b50c15e3118298b7ecd https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html