CVE-2024-53061

High · CVSS 3.1: 7.8 · EPSS 22.1%
Published Nov 19, 2024
Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

media: s5p-jpeg: prevent buffer overflows

The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it.

While here, remove an unused word = 0 assignment.

CVSS Details

Base Score 7.8
Exploitability 1.8
Impact 5.9
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
22.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-191

Affected Products 13

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.4 – <4.19.324
linux   linux_kernel  *        ≥4.20 – <5.4.286
linux   linux_kernel  *        ≥5.5 – <5.10.230
linux   linux_kernel  *        ≥5.11 – <5.15.172
linux   linux_kernel  *        ≥5.16 – <6.1.117
linux   linux_kernel  *        ≥6.2 – <6.6.61
linux   linux_kernel  *        ≥6.7 – <6.11.8
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/14a22762c3daeac59a5a534e124acbb4d7a79b3a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/784bc785a453eb2f8433dd62075befdfa1b2d6fd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a930cddfd153b5d4401df0c01effa14c831ff21e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c5f6fefcda8fac8f082b6c5bf416567f4e100c51
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c85db2d4432de4ff9d97006691ce2dcb5bda660e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c951a0859fdacf49a2298b5551a7e52b95ff6f51
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e5117f6e7adcf9fd7546cdd0edc9abe4474bc98b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f54e8e1e39dacccebcfb9a9a36f0552a0a97e2ef
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
