Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-69h8-v2gw-h8q9

Опубликовано: 19 нояб. 2024
Источник: github
Github: Не прошло ревью
CVSS3: 7.1

Описание

In the Linux kernel, the following vulnerability has been resolved:

media: mgb4: protect driver against spectre

Frequency range is set from sysfs via frequency_range_store(), being vulnerable to spectre, as reported by smatch:

drivers/media/pci/mgb4/mgb4_cmt.c:231 mgb4_cmt_set_vin_freq_range() warn: potential spectre issue 'cmt_vals_in' [r] drivers/media/pci/mgb4/mgb4_cmt.c:238 mgb4_cmt_set_vin_freq_range() warn: possible spectre second half. 'reg_set'

Fix it.

In the Linux kernel, the following vulnerability has been resolved:

media: mgb4: protect driver against spectre

Frequency range is set from sysfs via frequency_range_store(), being vulnerable to spectre, as reported by smatch:

drivers/media/pci/mgb4/mgb4_cmt.c:231 mgb4_cmt_set_vin_freq_range() warn: potential spectre issue 'cmt_vals_in' [r] drivers/media/pci/mgb4/mgb4_cmt.c:238 mgb4_cmt_set_vin_freq_range() warn: possible spectre second half. 'reg_set'

Fix it.

Ссылки

EPSS

Процентиль: 11%
0.00037
Низкий

7.1 High

CVSS3

CVE ID

CVE-2024-53062

Связанные уязвимости

ubuntu логотип

CVE-2024-53062

CVSS3: 7.1
ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: protect driver against spectre Frequency range is set from sysfs via frequency_range_store(), being vulnerable to spectre, as reported by smatch: drivers/media/pci/mgb4/mgb4_cmt.c:231 mgb4_cmt_set_vin_freq_range() warn: potential spectre issue 'cmt_vals_in' [r] drivers/media/pci/mgb4/mgb4_cmt.c:238 mgb4_cmt_set_vin_freq_range() warn: possible spectre second half. 'reg_set' Fix it.

redhat логотип

CVE-2024-53062

CVSS3: 7.1
redhat
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: protect driver against spectre Frequency range is set from sysfs via frequency_range_store(), being vulnerable to spectre, as reported by smatch: drivers/media/pci/mgb4/mgb4_cmt.c:231 mgb4_cmt_set_vin_freq_range() warn: potential spectre issue 'cmt_vals_in' [r] drivers/media/pci/mgb4/mgb4_cmt.c:238 mgb4_cmt_set_vin_freq_range() warn: possible spectre second half. 'reg_set' Fix it.

nvd логотип

CVE-2024-53062

CVSS3: 7.1
nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: protect driver against spectre Frequency range is set from sysfs via frequency_range_store(), being vulnerable to spectre, as reported by smatch: drivers/media/pci/mgb4/mgb4_cmt.c:231 mgb4_cmt_set_vin_freq_range() warn: potential spectre issue 'cmt_vals_in' [r] drivers/media/pci/mgb4/mgb4_cmt.c:238 mgb4_cmt_set_vin_freq_range() warn: possible spectre second half. 'reg_set' Fix it.

debian логотип

CVE-2024-53062

CVSS3: 7.1
debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: m ...

fstec логотип

BDU:2025-07228

CVSS3: 7.1
fstec
около 1 года назад

Уязвимость функции mgb4_cmt_set_vin_freq_range() модуля drivers/media/pci/mgb4/mgb4_cmt.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации

EPSS

Процентиль: 11%
0.00037
Низкий

7.1 High

CVSS3

CVE ID

CVE-2024-53062