Description

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2_async_create_ancillary_links(), ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async notifier is related to a V4L2 device, the source sub-device of the ancillary link is NULL, leading to a NULL pointer dereference. Check the notifier's sd field is non-NULL in v4l2_async_create_ancillary_links(). [Sakari Ailus: Reword the subject and commit messages slightly.]

INFO

Published Date :

2024-08-17T09:21:50.890Z

Last Modified :

2025-11-03T22:05:18.444Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-43833 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-43833.

URL Resource
https://git.kernel.org/stable/c/249212ceb4187783af3801c57b92a5a25d410621 cve-icon cve-icon
https://git.kernel.org/stable/c/9b4667ea67854f0b116fe22ad11ef5628c5b5b5f cve-icon cve-icon
https://git.kernel.org/stable/c/b87e28050d9b0959de24574d587825cfab2f13fb cve-icon cve-icon
https://git.kernel.org/stable/c/fe0f92fd5320b393e44ca210805e653ea90cc982 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024081728-CVE-2024-43833-4e73@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-43833 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-43833 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact