CVE-2024-39485
MEDIUMLinux Kernel - Improper Initialization in V4L Async Notifier Entry
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifier_entry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use list_del_init() to return the notifier_entry an empty list.
References (3)
Core 3
Core References
Mailing List, Patch
https://git.kernel.org/stable/c/87100b09246202a91fce4a1562955c32229173bb
Mailing List, Patch
https://git.kernel.org/stable/c/1aa6cd4adfc0380fa1ccc2f146848940ff882a66
Mailing List, Patch
https://git.kernel.org/stable/c/9537a8425a7a0222999d5839a0b394b1e8834b4a
Scores
CVSS v3
5.5
EPSS
0.0021
EPSS Percentile
11.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-665
Status
published
Products (12)
linux/Kernel
6.6.0 - 6.6.34linux
linux/Kernel
6.7.0 - 6.9.5linux
Linux/Linux
< 6.6
Linux/Linux
6.10
Linux/Linux
6.6
Linux/Linux
6.6.34 - 6.6.*
Linux/Linux
6.9.5 - 6.9.*
Linux/Linux
b8ec754ae4c563f6aab8c0cb47aeb2eae67f1da3 - 1aa6cd4adfc0380fa1ccc2f146848940ff882a66
Linux/Linux
b8ec754ae4c563f6aab8c0cb47aeb2eae67f1da3 - 87100b09246202a91fce4a1562955c32229173bb
Linux/Linux
b8ec754ae4c563f6aab8c0cb47aeb2eae67f1da3 - 9537a8425a7a0222999d5839a0b394b1e8834b4a
... and 2 more
Published
Jul 05, 2024
Tracked Since
Feb 18, 2026