CVE-2024-39481 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: media: mc: Fix graph walk in media_pipeline_start The graph walk tries to follow all links, even if they are not between pads. This causes a crash with, e.g. a MEDIA_LNK_FL_ANCILLARY_LINK link. Fix this by allowing the walk to proceed only for MEDIA_LNK_FL_DATA_LINK links.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/788fd0f11e45ae8d3a8ebbd3452a6e83f92db376
https://git.kernel.org/stable/c/8a9d420149c477e7c97fbd6453704e4612bdd3fa
https://git.kernel.org/stable/c/bee9440bc0b6b3b7432f7bfde28656262a3484a2
https://git.kernel.org/stable/c/e80d9db99b7b6c697d8d952dfd25c3425cf61499
https://lore.kernel.org/linux-cve-announce/2024070520-CVE-2024-39481-108f@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-39481
https://www.cve.org/CVERecord?id=CVE-2024-39481

History

Wed, 06 Nov 2024 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-05T06:55:09.916Z

Updated: 2024-12-19T09:07:00.988Z

Reserved: 2024-06-25T14:23:23.746Z

Link: CVE-2024-39481

Vulnrichment

Updated: 2024-08-02T04:26:15.883Z

NVD

Status : Modified

Published: 2024-07-05T07:15:10.653

Modified: 2024-11-21T09:27:46.873

Link: CVE-2024-39481

Redhat

Severity : Moderate

Publid Date: 2024-07-05T00:00:00Z

Links: CVE-2024-39481 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39481", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-25T14:23:23.746Z", "datePublished": "2024-07-05T06:55:09.916Z", "dateUpdated": "2024-12-19T09:07:00.988Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:07:00.988Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mc: Fix graph walk in media_pipeline_start\n\nThe graph walk tries to follow all links, even if they are not between\npads. This causes a crash with, e.g. a MEDIA_LNK_FL_ANCILLARY_LINK link.\n\nFix this by allowing the walk to proceed only for MEDIA_LNK_FL_DATA_LINK\nlinks."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/mc/mc-entity.c"], "versions": [{"version": "ae219872834a32da88408a92a4b4745c11f5a7ce", "lessThan": "788fd0f11e45ae8d3a8ebbd3452a6e83f92db376", "status": "affected", "versionType": "git"}, {"version": "ae219872834a32da88408a92a4b4745c11f5a7ce", "lessThan": "e80d9db99b7b6c697d8d952dfd25c3425cf61499", "status": "affected", "versionType": "git"}, {"version": "ae219872834a32da88408a92a4b4745c11f5a7ce", "lessThan": "bee9440bc0b6b3b7432f7bfde28656262a3484a2", "status": "affected", "versionType": "git"}, {"version": "ae219872834a32da88408a92a4b4745c11f5a7ce", "lessThan": "8a9d420149c477e7c97fbd6453704e4612bdd3fa", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/mc/mc-entity.c"], "versions": [{"version": "6.1", "status": "affected"}, {"version": "0", "lessThan": "6.1", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.94", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.34", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.5", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/788fd0f11e45ae8d3a8ebbd3452a6e83f92db376"}, {"url": "https://git.kernel.org/stable/c/e80d9db99b7b6c697d8d952dfd25c3425cf61499"}, {"url": "https://git.kernel.org/stable/c/bee9440bc0b6b3b7432f7bfde28656262a3484a2"}, {"url": "https://git.kernel.org/stable/c/8a9d420149c477e7c97fbd6453704e4612bdd3fa"}], "title": "media: mc: Fix graph walk in media_pipeline_start", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-05T20:07:40.257709Z", "id": "CVE-2024-39481", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T20:07:53.742Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.883Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/788fd0f11e45ae8d3a8ebbd3452a6e83f92db376", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e80d9db99b7b6c697d8d952dfd25c3425cf61499", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bee9440bc0b6b3b7432f7bfde28656262a3484a2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8a9d420149c477e7c97fbd6453704e4612bdd3fa", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/788fd0f11e45ae8d3a8ebbd3452a6e83f92db376", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e80d9db99b7b6c697d8d952dfd25c3425cf61499", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bee9440bc0b6b3b7432f7bfde28656262a3484a2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8a9d420149c477e7c97fbd6453704e4612bdd3fa", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.883Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39481", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-05T20:07:40.257709Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T20:07:47.881Z"}}], "cna": {"title": "media: mc: Fix graph walk in media_pipeline_start", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "ae219872834a", "lessThan": "788fd0f11e45", "versionType": "git"}, {"status": "affected", "version": "ae219872834a", "lessThan": "e80d9db99b7b", "versionType": "git"}, {"status": "affected", "version": "ae219872834a", "lessThan": "bee9440bc0b6", "versionType": "git"}, {"status": "affected", "version": "ae219872834a", "lessThan": "8a9d420149c4", "versionType": "git"}], "programFiles": ["drivers/media/mc/mc-entity.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.1"}, {"status": "unaffected", "version": "0", "lessThan": "6.1", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.94", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.34", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.5", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/media/mc/mc-entity.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/788fd0f11e45ae8d3a8ebbd3452a6e83f92db376"}, {"url": "https://git.kernel.org/stable/c/e80d9db99b7b6c697d8d952dfd25c3425cf61499"}, {"url": "https://git.kernel.org/stable/c/bee9440bc0b6b3b7432f7bfde28656262a3484a2"}, {"url": "https://git.kernel.org/stable/c/8a9d420149c477e7c97fbd6453704e4612bdd3fa"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mc: Fix graph walk in media_pipeline_start\n\nThe graph walk tries to follow all links, even if they are not between\npads. This causes a crash with, e.g. a MEDIA_LNK_FL_ANCILLARY_LINK link.\n\nFix this by allowing the walk to proceed only for MEDIA_LNK_FL_DATA_LINK\nlinks."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:32:09.456Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39481", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:32:09.456Z", "dateReserved": "2024-06-25T14:23:23.746Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-05T06:55:09.916Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5A86346-2984-4261-AC12-29EACB186000", "versionEndExcluding": "6.1.94", "versionStartIncluding": "6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC0C6E24-8240-425A-BD1A-F78E6D3A67FC", "versionEndExcluding": "6.6.34", "versionStartIncluding": "6.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "54EDFD02-25E6-4BC8-9AD0-0A59881F400A", "versionEndExcluding": "6.9.5", "versionStartIncluding": "6.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mc: Fix graph walk in media_pipeline_start\n\nThe graph walk tries to follow all links, even if they are not between\npads. This causes a crash with, e.g. a MEDIA_LNK_FL_ANCILLARY_LINK link.\n\nFix this by allowing the walk to proceed only for MEDIA_LNK_FL_DATA_LINK\nlinks."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: mc: corrige el recorrido del gr\u00e1fico en media_pipeline_start El recorrido del gr\u00e1fico intenta seguir todos los enlaces, incluso si no est\u00e1n entre pads. Esto provoca un bloqueo, por ejemplo, con un enlace MEDIA_LNK_FL_ANCILLARY_LINK. Solucione este problema permitiendo que la caminata contin\u00fae solo para los enlaces MEDIA_LNK_FL_DATA_LINK."}], "id": "CVE-2024-39481", "lastModified": "2024-11-21T09:27:46.873", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-05T07:15:10.653", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/788fd0f11e45ae8d3a8ebbd3452a6e83f92db376"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/8a9d420149c477e7c97fbd6453704e4612bdd3fa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/bee9440bc0b6b3b7432f7bfde28656262a3484a2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/e80d9db99b7b6c697d8d952dfd25c3425cf61499"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/788fd0f11e45ae8d3a8ebbd3452a6e83f92db376"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/8a9d420149c477e7c97fbd6453704e4612bdd3fa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/bee9440bc0b6b3b7432f7bfde28656262a3484a2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/e80d9db99b7b6c697d8d952dfd25c3425cf61499"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: media: mc: Fix graph walk in media_pipeline_start", "id": "2296055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296055"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-99", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmedia: mc: Fix graph walk in media_pipeline_start\nThe graph walk tries to follow all links, even if they are not between\npads. This causes a crash with, e.g. a MEDIA_LNK_FL_ANCILLARY_LINK link.\nFix this by allowing the walk to proceed only for MEDIA_LNK_FL_DATA_LINK\nlinks."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-39481", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-39481\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-39481\nhttps://lore.kernel.org/linux-cve-announce/2024070520-CVE-2024-39481-108f@gregkh/T"], "statement": "Red Hat Enterprise Linux is not impacted by this CVE, as the vulnerability in question does not affect the specific versions or configurations of the Linux kernel used in its distributions. This ensures that users of Red Hat Enterprise Linux are not exposed to the potential risks associated with this issue, and no further action or mitigation is necessary for systems running this operating system.", "threat_severity": "Moderate"}