CVE-2024-53081

MEDIUM

Linux Kernel < 6.1.117 - Integer Underflow

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ones, as reported by Coverity. Depending on the values of the variables, this may underflow. Fix it ensuring that both sides of the expression are u64.

References (5)

[Mailing List] https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

[Patch] https://git.kernel.org/stable/c/438d3085ba5b8b5bfa5290faa594e577f6ac9aa7

[Patch] https://git.kernel.org/stable/c/5e1523076acf95b4ea68d19b6f27e6891267cc24

[Patch] https://git.kernel.org/stable/c/97ed0c0332d5525653668b31acf62ff1e6b50784

[Patch] https://git.kernel.org/stable/c/a244b82d0ae60326901f2b50c15e3118298b7ecd

Scores

CVSS v3 5.5

EPSS 0.0006

EPSS Percentile 17.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-191

Status published

Products (5)

linux/Kernel 6.0.0 - 6.1.117linux

linux/Kernel 6.2.0 - 6.6.61linux

linux/Kernel 6.7.0 - 6.11.8linux

linux/linux_kernel 6.12 rc1 (6 CPE variants)

linux/linux_kernel 6.0 - 6.1.117

Published Nov 19, 2024

Tracked Since Feb 18, 2026