CVE-2024-27076 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak Free the memory allocated in v4l2_ctrl_handler_init on release.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Debian	Debian Linux
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://git.kernel.org/stable/c/42492b00156c03a79fd4851190aa63045d6a15ce
https://git.kernel.org/stable/c/4797a3dd46f220e6d83daf54d70c5b33db6deb01
https://git.kernel.org/stable/c/5d9fe604bf9b5b09d2215225df55f22a4cbbc684
https://git.kernel.org/stable/c/6c92224721a439d6350db5933a1060768dcd565e
https://git.kernel.org/stable/c/8c2e4efe1278cd2b230cdbf90a6cefbf00acc282
https://git.kernel.org/stable/c/8df9a3c7044b847e9c4dc7e683fd64c6b873f328
https://git.kernel.org/stable/c/b1d0eebaf87cc9ccd05f779ec4a0589f95d6c18b
https://git.kernel.org/stable/c/d164ddc21e986dd9ad614b4b01746e5457aeb24f
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/2024050134-CVE-2024-27076-5a2e@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-27076
https://www.cve.org/CVERecord?id=CVE-2024-27076

History

Mon, 23 Dec 2024 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Debian Debian debian Linux Linux Linux linux Kernel
Weaknesses		CWE-401
CPEs		cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Debian Debian debian Linux Linux Linux linux Kernel

Thu, 19 Dec 2024 09:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-01T13:04:48.074Z

Updated: 2025-05-04T09:03:47.372Z

Reserved: 2024-02-19T14:20:24.217Z

Link: CVE-2024-27076

Vulnrichment

Updated: 2024-08-02T00:27:58.321Z

NVD

Status : Analyzed

Published: 2024-05-01T13:15:51.307

Modified: 2024-12-23T15:08:03.860

Link: CVE-2024-27076

Redhat

Severity : Moderate

Publid Date: 2024-05-01T00:00:00Z

Links: CVE-2024-27076 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object