CVE-2024-47753

MEDIUM

Linux Kernel 5.19-6.10.12 - NULL Pointer Dereference in VP8 Stateless Decoder

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning Fix a smatch static checker warning on vdec_vp8_req_if.c. Which leads to a kernel crash when fb is NULL.

References (6)

Core 6

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Patch

https://git.kernel.org/stable/c/4e0713c79cf5d0b549fa855e230ade1ff83c27d7

Patch

https://git.kernel.org/stable/c/dbe5b7373801c261f3ea118145fbb2caac5f9324

Patch

https://git.kernel.org/stable/c/35cc704622b3a9bc02a4755d5ba80238eee3cdc2

Patch

https://git.kernel.org/stable/c/3167aa42941b68405a092df114453ef0f1b09c2c

Patch

https://git.kernel.org/stable/c/b113bc7c0e83b32f4dd2d291a2b6c4803e0a2c44

Scores

CVSS v3 5.5

EPSS 0.0021

EPSS Percentile 10.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (17)

linux/Kernel 5.19.0 - 6.1.132linux

linux/Kernel 6.11.0 - 6.11.2linux

linux/Kernel 6.2.0 - 6.6.54linux

linux/Kernel 6.7.0 - 6.10.13linux

Linux/Linux < 5.19

Linux/Linux 5.19

Linux/Linux 6.1.132 - 6.1.*

Linux/Linux 6.10.13 - 6.10.*

Linux/Linux 6.11.2 - 6.11.*

Linux/Linux 6.12

... and 7 more

Published Oct 21, 2024

Tracked Since Feb 18, 2026