CVE-2024-53081

media: ar0521: don't overflow when checking PLL values

CVSS 5.5 MEDIUMEPSS 0.2%CWE-191

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

19 nov 2024Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ones, as reported by Coverity. Depending on the values of the variables, this may underflow. Fix it ensuring that both sides of the expression are u64.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Produtos afetados

Linux · Linux

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://git.kernel.org/stable/c/438d3085ba5b8b5bfa5290faa594e577f6ac9aa7 https://git.kernel.org/stable/c/5e1523076acf95b4ea68d19b6f27e6891267cc24 https://git.kernel.org/stable/c/97ed0c0332d5525653668b31acf62ff1e6b50784 https://git.kernel.org/stable/c/a244b82d0ae60326901f2b50c15e3118298b7ecd https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html