CVE-2024-47752

MEDIUM

Linux Kernel 5.16-6.6.53, 6.7-6.10.12, 6.11.0-6.11.1 - Null Pointer Dereference in H264 Stateless Decoder

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning Fix a smatch static checker warning on vdec_h264_req_if.c. Which leads to a kernel crash when fb is NULL.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/c6b9f971b43980de8893610f606d751131fb5d86

Patch

https://git.kernel.org/stable/c/18181b0c1c5bd43846e5e0ae3d61a4a1adceab03

Patch

https://git.kernel.org/stable/c/790d1848fac5ac3b1c474f66162598ab07a20c21

Patch

https://git.kernel.org/stable/c/7878d3a385efab560dce793b595447867fb163f2

Scores

CVSS v3 5.5

EPSS 0.0021

EPSS Percentile 10.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (14)

linux/Kernel 5.16.0 - 6.6.54linux

linux/Kernel 6.11.0 - 6.11.2linux

linux/Kernel 6.7.0 - 6.10.13linux

Linux/Linux < 5.16

Linux/Linux 06fa5f757dc5a5687e1cdd13097c3265735f60bf - 18181b0c1c5bd43846e5e0ae3d61a4a1adceab03

Linux/Linux 06fa5f757dc5a5687e1cdd13097c3265735f60bf - 7878d3a385efab560dce793b595447867fb163f2

Linux/Linux 06fa5f757dc5a5687e1cdd13097c3265735f60bf - 790d1848fac5ac3b1c474f66162598ab07a20c21

Linux/Linux 06fa5f757dc5a5687e1cdd13097c3265735f60bf - c6b9f971b43980de8893610f606d751131fb5d86

Linux/Linux 5.16

Linux/Linux 6.10.13 - 6.10.*

... and 4 more

Published Oct 21, 2024

Tracked Since Feb 18, 2026