Description

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix buffer overwrite when using > 32 buffers The maximum number of buffers that can be requested was increased to 64 for the video capture queue. But video capture used a must_blank array that was still sized for 32 (VIDEO_MAX_FRAME). This caused an out-of-bounds write when using buffer indices >= 32. Create a new define MAX_VID_CAP_BUFFERS that is used to access the must_blank array and set max_num_buffers for the video capture queue. This solves a crash reported by: https://bugzilla.kernel.org/show_bug.cgi?id=219258

INFO

Published Date :

2024-11-19T01:30:32.682Z

Last Modified :

2025-10-01T20:17:21.514Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50288 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50288.

URL Resource
https://git.kernel.org/stable/c/96d8569563916fe2f8fe17317e20e43f54f9ba4b cve-icon cve-icon
https://git.kernel.org/stable/c/e6bacd8f2178b22859fe6d9f755f19dfcd9d3862 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024111950-CVE-2024-50288-1c5d@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50288 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50288 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact