CVE-2024-38621

Description:

In the Linux kernel, the following vulnerability has been resolved:

media: stk1160: fix bounds checking in stk1160_copy_video()

The subtract in this condition is reversed. The ->length is the length of the buffer. The ->bytesused is how many bytes we have copied thus far. When the condition is reversed that means the result of the subtraction is always negative but since it's unsigned then the result is a very high positive value. That means the overflow check is never true.

Additionally, the ->bytesused doesn't actually work for this purpose because we're not writing to "buf->mem + buf->bytesused". Instead, the math to calculate the destination where we are writing is a bit involved. You calculate the number of full lines already written, multiply by two, skip a line if necessary so that we start on an odd numbered line, and add the offset into the line.

To fix this buffer overflow, just take the actual destination where we are writing, if the offset is already out of bounds print an error and return. Otherwise, write up to buf->length bytes.
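The two checks the description contrasts, as an added user-space C model that is not the driver's code: the function names, the `field_pos` parameter and the 8-line, 16-bytes-per-line geometry are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical user-space model: names and geometry are illustrative
 * assumptions, not taken from the stk1160 driver. */

/* Destination offset as the description words it: full lines already
 * written, times two, plus one line when starting on an odd line,
 * plus the offset into the current line. */
static size_t dest_offset(size_t field_pos, size_t bytesperline, int odd)
{
    size_t lines_done = field_pos / bytesperline;
    size_t in_line = field_pos % bytesperline;

    return (lines_done * 2 + (odd ? 1 : 0)) * bytesperline + in_line;
}

/* Reversed subtraction: bytesused - length wraps to a huge unsigned
 * value while bytesused < length, so the clamp never applies. */
static size_t allowed_reversed(size_t len, size_t bytesused, size_t length)
{
    size_t room = bytesused - length;

    return len > room ? room : len;
}

/* Check against the real destination: refuse an out-of-bounds offset,
 * otherwise clamp so that offset + len stays within length. */
static size_t allowed_fixed(size_t len, size_t offset, size_t length)
{
    if (offset >= length) {
        fprintf(stderr, "offset %zu out of bounds (%zu)\n", offset, length);
        return 0;
    }
    return len > length - offset ? length - offset : len;
}

int main(void)
{
    /* Constructed case: 8 lines of 16 bytes (length 128), 56 bytes copied. */
    size_t length = 128, copied = 56, len = 16;
    size_t off = dest_offset(copied, 16, 1);

    printf("dest offset %zu: reversed allows %zu, fixed allows %zu\n", off,
           allowed_reversed(len, copied, length),
           allowed_fixed(len, off, length));
    return 0;
}
```

With 56 bytes copied the next write lands at offset 120, more than twice what a linear byte count suggests; the reversed check lets all 16 bytes through, past the end of the 128-byte buffer, while the check on the real offset trims the write to 8.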

CVSS3: 5.5


Vendor State

| OS | Vendor version | Errata |
| --- | --- | --- |
| Ubuntu 14.04 HWE ESM | 4.4.0-260.294~14.04.1 | USN-7110-1 |
| Oracle Linux 7 UEK 5 | 4.14.35-2047.540.4.1.el7uek | ELSA-2024-12611 |
| Ubuntu 20.04 | 5.4.0-192.212 | USN-6951-1 |
| Oracle Linux 7 UEK 6 | 5.4.17-2136.334.6.el7uek | ELSA-2024-12581 |
| Oracle Linux 8 UEK 6 | 5.4.17-2136.334.6.el8uek | ELSA-2024-12581 |
| Ubuntu 20.04 AWS | 5.4.0-1130.140 | USN-6951-1 |
| Ubuntu 16.04 ESM | 4.4.0-260.294 | USN-7110-1 |
| Ubuntu 16.04 HWE ESM | 4.15.0-230.242~16.04.1 | USN-7069-1 |
| Ubuntu 16.04 AWS ESM | 4.4.0-1175.190 | USN-7110-1 |
| Ubuntu 16.04 GCP ESM | 4.15.0-1167.184~16.04.2 | USN-7069-1 |
| Ubuntu 16.04 AWS HWE ESM | 4.15.0-1174.187~16.04.1 | USN-7069-1 |
| Ubuntu 16.04 Azure ESM | 4.15.0-1182.197~16.04.1 | USN-7069-2 |
| Debian 11 | 5.10.221-1 | DSA-5730-1 |
| Ubuntu 22.04 | 5.15.0-121.131 | USN-7007-1 |
| Ubuntu 22.04 AWS | 5.15.0-1069.75 | USN-7007-1 |
| Ubuntu 22.04 Azure | 5.15.0-1072.81 | USN-7009-1 |
| Debian 11 cloud | 5.10.221-1 | DSA-5730-1 |
| Ubuntu 20.04 HWE AWS | 5.15.0-1069.75~20.04.1 | USN-7007-1 |
| Ubuntu 20.04 HWE Azure | 5.15.0-1072.81~20.04.1 | USN-7009-1 |
| Ubuntu 20.04 GCP | 5.4.0-1134.143 | USN-6951-1 |
| Ubuntu 24.04 | 6.8.0-44.44 | USN-6999-1 |

KernelCare State

OS Original kernel version State
Ubuntu 18.04
Planned
Ubuntu 18.04 AWS
Planned
Ubuntu 14.04 HWE ESM
Planned
Oracle Linux 7 UEK 5
Planned
Ubuntu 20.04
In Progress
Oracle Linux 7 UEK 6
5.4.17-2011.2.2.el7uek
5.4.17-2011.1.2.el7uek 5.4.17-2011.3.2.1.el7uek 5.4.17-2011.0.7.el7uek 5.4.17-2011.4.4.el7uek 5.4.17-2011.4.6.el7uek 5.4.17-2011.5.3.el7uek 5.4.17-2011.6.2.el7uek 5.4.17-2011.7.4.el7uek 5.4.17-2036.100.6.1.el7uek 5.4.17-2036.101.2.el7uek 5.4.17-2036.102.0.2.el7uek 5.4.17-2036.103.3.el7uek 5.4.17-2036.103.3.1.el7uek 5.4.17-2036.104.4.el7uek 5.4.17-2036.104.5.el7uek 5.4.17-2102.200.13.el7uek 5.4.17-2102.201.3.el7uek 5.4.17-2102.202.5.el7uek 5.4.17-2102.203.5.el7uek 5.4.17-2102.203.6.el7uek 5.4.17-2102.204.4.2.el7uek 5.4.17-2102.204.4.3.el7uek 5.4.17-2102.204.4.4.el7uek 5.4.17-2102.205.7.2.el7uek 5.4.17-2102.205.7.3.el7uek 5.4.17-2102.206.1.el7uek 5.4.17-2136.300.7.el7uek 5.4.17-2136.301.1.2.el7uek 5.4.17-2136.301.1.4.el7uek 5.4.17-2136.302.6.1.el7uek 5.4.17-2136.302.7.2.el7uek 5.4.17-2136.302.7.2.1.el7uek 5.4.17-2136.301.1.3.el7uek 5.4.17-2136.302.7.2.2.el7uek 5.4.17-2136.302.7.2.3.el7uek 5.4.17-2136.304.4.1.el7uek 5.4.17-2136.304.4.2.el7uek 5.4.17-2136.304.4.3.el7uek 5.4.17-2136.304.4.4.el7uek 5.4.17-2136.304.4.5.el7uek 5.4.17-2136.305.5.3.el7uek 5.4.17-2136.305.5.4.el7uek 5.4.17-2136.305.5.5.el7uek 5.4.17-2136.306.1.3.el7uek 5.4.17-2136.307.3.1.el7uek 5.4.17-2136.307.3.2.el7uek 5.4.17-2136.307.3.4.el7uek 5.4.17-2136.307.3.5.el7uek 5.4.17-2136.308.7.el7uek 5.4.17-2136.307.3.6.el7uek 5.4.17-2136.308.9.el7uek 5.4.17-2136.309.5.el7uek 5.4.17-2136.309.5.1.el7uek 5.4.17-2136.310.7.el7uek 5.4.17-2136.310.7.1.el7uek 5.4.17-2136.309.4.el7uek 5.4.17-2136.311.6.el7uek 5.4.17-2136.311.6.1.el7uek 5.4.17-2136.312.3.4.el7uek 5.4.17-2136.313.6.el7uek 5.4.17-2136.314.6.2.el7uek 5.4.17-2136.314.6.3.el7uek 5.4.17-2136.315.5.el7uek 5.4.17-2136.316.7.el7uek 5.4.17-2136.315.5.8.el7uek 5.4.17-2136.317.5.3.el7uek 5.4.17-2136.317.5.5.el7uek 5.4.17-2136.318.7.1.el7uek 5.4.17-2136.318.7.2.el7uek 5.4.17-2136.319.1.2.el7uek 5.4.17-2136.319.1.3.el7uek 5.4.17-2136.319.1.4.el7uek 5.4.17-2136.320.7.el7uek 5.4.17-2136.320.7.1.el7uek 5.4.17-2136.321.4.el7uek 5.4.17-2136.322.6.2.el7uek 
5.4.17-2136.323.8.el7uek 5.4.17-2136.323.8.1.el7uek 5.4.17-2136.323.8.2.el7uek 5.4.17-2136.321.4.1.el7uek 5.4.17-2136.324.5.3.el7uek 5.4.17-2136.322.6.3.el7uek 5.4.17-2136.325.5.el7uek 5.4.17-2136.325.5.1.el7uek 5.4.17-2136.326.6.el7uek 5.4.17-2136.326.6.1.el7uek 5.4.17-2136.327.2.el7uek 5.4.17-2136.328.3.el7uek 5.4.17-2136.329.3.1.el7uek 5.4.17-2136.322.6.4.el7uek 5.4.17-2136.329.3.2.el7uek 5.4.17-2136.330.7.1.el7uek 5.4.17-2136.331.7.el7uek 5.4.17-2136.322.6.5.el7uek 5.4.17-2136.330.7.4.el7uek 5.4.17-2136.332.5.2.el7uek 5.4.17-2136.333.5.el7uek 5.4.17-2136.330.7.5.el7uek 5.4.17-2136.333.5.1.el7uek
Released
Oracle Linux 8 UEK 6
5.4.17-2011.2.2.el8uek
5.4.17-2011.1.2.el8uek 5.4.17-2011.3.2.1.el8uek 5.4.17-2011.0.7.el8uek 5.4.17-2011.4.4.el8uek 5.4.17-2011.4.6.el8uek 5.4.17-2011.5.3.el8uek 5.4.17-2011.6.2.el8uek 5.4.17-2011.7.4.el8uek 5.4.17-2036.100.6.1.el8uek 5.4.17-2036.101.2.el8uek 5.4.17-2036.102.0.2.el8uek 5.4.17-2036.103.3.el8uek 5.4.17-2036.103.3.1.el8uek 5.4.17-2036.104.4.el8uek 5.4.17-2036.104.5.el8uek 5.4.17-2102.200.13.el8uek 5.4.17-2102.201.3.el8uek 5.4.17-2102.202.5.el8uek 5.4.17-2102.203.5.el8uek 5.4.17-2102.203.6.el8uek 5.4.17-2102.204.4.2.el8uek 5.4.17-2102.204.4.3.el8uek 5.4.17-2102.204.4.4.el8uek 5.4.17-2102.205.7.2.el8uek 5.4.17-2102.205.7.3.el8uek 5.4.17-2102.206.1.el8uek 5.4.17-2136.300.7.el8uek 5.4.17-2136.301.1.2.el8uek 5.4.17-2136.301.1.4.el8uek 5.4.17-2136.302.6.1.el8uek 5.4.17-2136.302.7.2.el8uek 5.4.17-2136.302.7.2.1.el8uek 5.4.17-2136.301.1.3.el8uek 5.4.17-2136.302.7.2.2.el8uek 5.4.17-2136.302.7.2.3.el8uek 5.4.17-2136.304.4.1.el8uek 5.4.17-2136.304.4.2.el8uek 5.4.17-2136.304.4.3.el8uek 5.4.17-2136.304.4.4.el8uek 5.4.17-2136.304.4.5.el8uek 5.4.17-2136.305.5.3.el8uek 5.4.17-2136.305.5.4.el8uek 5.4.17-2136.305.5.5.el8uek 5.4.17-2136.306.1.3.el8uek 5.4.17-2136.307.3.1.el8uek 5.4.17-2136.307.3.2.el8uek 5.4.17-2136.307.3.4.el8uek 5.4.17-2136.307.3.5.el8uek 5.4.17-2136.308.7.el8uek 5.4.17-2136.307.3.6.el8uek 5.4.17-2136.308.9.el8uek 5.4.17-2136.309.5.el8uek 5.4.17-2136.309.5.1.el8uek 5.4.17-2136.310.7.el8uek 5.4.17-2136.310.7.1.el8uek 5.4.17-2136.309.4.el8uek 5.4.17-2136.311.6.el8uek 5.4.17-2136.311.6.1.el8uek 5.4.17-2136.312.3.4.el8uek 5.4.17-2136.313.6.el8uek 5.4.17-2136.314.6.2.el8uek 5.4.17-2136.314.6.3.el8uek 5.4.17-2136.315.5.el8uek 5.4.17-2136.316.7.el8uek 5.4.17-2136.315.5.8.el8uek 5.4.17-2136.317.5.3.el8uek 5.4.17-2136.317.5.5.el8uek 5.4.17-2136.318.7.1.el8uek 5.4.17-2136.318.7.2.el8uek 5.4.17-2136.319.1.2.el8uek 5.4.17-2136.319.1.3.el8uek 5.4.17-2136.319.1.4.el8uek 5.4.17-2136.320.7.el8uek 5.4.17-2136.320.7.1.el8uek 5.4.17-2136.321.4.el8uek 5.4.17-2136.321.4.1.el8uek 
5.4.17-2136.322.6.2.el8uek 5.4.17-2136.323.8.el8uek 5.4.17-2136.323.8.1.el8uek 5.4.17-2136.323.8.2.el8uek 5.4.17-2136.324.5.2.el8uek 5.4.17-2136.324.5.3.el8uek 5.4.17-2136.322.6.3.el8uek 5.4.17-2136.325.5.el8uek 5.4.17-2136.325.5.1.el8uek 5.4.17-2136.326.6.el8uek 5.4.17-2136.326.6.1.el8uek 5.4.17-2136.327.2.el8uek 5.4.17-2136.328.3.el8uek 5.4.17-2136.329.3.1.el8uek 5.4.17-2136.322.6.4.el8uek 5.4.17-2136.329.3.2.el8uek 5.4.17-2136.330.7.1.el8uek 5.4.17-2136.331.7.el8uek 5.4.17-2136.322.6.5.el8uek 5.4.17-2136.330.7.4.el8uek 5.4.17-2136.332.5.2.el8uek 5.4.17-2136.333.5.el8uek 5.4.17-2136.330.7.5.el8uek 5.4.17-2136.333.5.1.el8uek
Released
Ubuntu 20.04 AWS
In Progress
Ubuntu 16.04 ESM
Planned
Ubuntu 16.04 HWE ESM
Planned
Ubuntu 16.04 AWS ESM
Planned
Ubuntu 16.04 GCP ESM
Planned
Ubuntu 16.04 AWS HWE ESM
Planned
Ubuntu 16.04 Azure ESM
Planned
Debian 11
In Progress
Ubuntu 22.04
5.15.0-27.28
5.15.0-33.34 5.15.0-37.39 5.15.0-39.42 5.15.0-25.25 5.15.0-28.29 5.15.0-29.30 5.15.0-30.31 5.15.0-41.44 5.15.0-43.46 5.15.0-46.49 5.15.0-35.36 5.15.0-47.51 5.15.0-48.54 5.15.0-40.43 5.15.0-50.56 5.15.0-52.58 5.15.0-53.59 5.15.0-56.62 5.15.0-54.60 5.15.0-57.63 5.15.0-58.64 5.15.0-60.66 5.15.0-67.74 5.15.0-69.76 5.15.0-70.77 5.15.0-71.78 5.15.0-72.79 5.15.0-68.75 5.15.0-73.80 5.15.0-75.82 5.15.0-76.83 5.15.0-78.85 5.15.0-79.86 5.15.0-82.91 5.15.0-83.92 5.15.0-84.93 5.15.0-86.96 5.15.0-74.81 5.15.0-87.97 5.15.0-88.98 5.15.0-89.99 5.15.0-91.101 5.15.0-92.102 5.15.0-94.104 5.15.0-97.107 5.15.0-100.110 5.15.0-101.111 5.15.0-102.112 5.15.0-105.115 5.15.0-106.116 5.15.0-107.117 5.15.0-112.122 5.15.0-113.123 5.15.0-116.126 5.15.0-117.127 5.15.0-118.128 5.15.0-119.129
Released
Ubuntu 22.04 AWS
5.15.0-1005.7
5.15.0-1008.10 5.15.0-1011.14 5.15.0-1013.17 5.15.0-1015.19 5.15.0-1017.21 5.15.0-1009.11 5.15.0-1020.24 5.15.0-1021.25 5.15.0-1022.26 5.15.0-1023.27 5.15.0-1026.30 5.15.0-1004.6 5.15.0-1014.18 5.15.0-1018.22 5.15.0-1024.29 5.15.0-1027.31 5.15.0-1028.32 5.15.0-1030.34 5.15.0-1031.35 5.15.0-1033.37 5.15.0-1034.38 5.15.0-1035.39 5.15.0-1036.40 5.15.0-1032.36 5.15.0-1037.41 5.15.0-1038.43 5.15.0-1039.44 5.15.0-1040.45 5.15.0-1042.47 5.15.0-1043.48 5.15.0-1044.49 5.15.0-1045.50 5.15.0-1047.52 5.15.0-1048.53 5.15.0-1049.54 5.15.0-1050.55 5.15.0-1051.56 5.15.0-1052.57 5.15.0-1053.58 5.15.0-1055.60 5.15.0-1056.61 5.15.0-1057.63 5.15.0-1060.66 5.15.0-1061.67 5.15.0-1062.68 5.15.0-1063.69 5.15.0-1064.70 5.15.0-1065.71 5.15.0-1066.72 5.15.0-1067.73 5.15.0-1068.74
Released
Ubuntu 22.04 Azure
5.15.0-1005.6
5.15.0-1007.8 5.15.0-1010.12 5.15.0-1012.15 5.15.0-1014.17 5.15.0-1017.20 5.15.0-1008.9 5.15.0-1019.24 5.15.0-1020.25 5.15.0-1021.26 5.15.0-1022.27 5.15.0-1003.4 5.15.0-1013.16 5.15.0-1023.29 5.15.0-1029.36 5.15.0-1024.30 5.15.0-1034.41 5.15.0-1035.42 5.15.0-1036.43 5.15.0-1037.44 5.15.0-1038.45 5.15.0-1039.46 5.15.0-1040.47 5.15.0-1041.48 5.15.0-1042.49 5.15.0-1045.52 5.15.0-1046.53 5.15.0-1047.54 5.15.0-1049.56 5.15.0-1044.51 5.15.0-1050.57 5.15.0-1051.59 5.15.0-1052.60 5.15.0-1053.61 5.15.0-1054.62 5.15.0-1056.64 5.15.0-1057.65 5.15.0-1058.66 5.15.0-1059.67 5.15.0-1060.69 5.15.0-1061.70 5.15.0-1063.72 5.15.0-1064.73 5.15.0-1066.75 5.15.0-1067.76 5.15.0-1068.77 5.15.0-1070.79 5.15.0-1071.80
Released
Debian 11 cloud
In Progress
Ubuntu 20.04 HWE AWS
5.15.0-1026.30~20.04.2
5.15.0-1022.26~20.04.1 5.15.0-1023.27~20.04.1 5.15.0-1021.25~20.04.1 5.15.0-1020.24~20.04.1 5.15.0-1017.21~20.04.1 5.15.0-1019.23~20.04.1 5.15.0-1014.18~20.04.1 5.15.0-1015.19~20.04.1 5.15.0-1018.22~20.04.1 5.15.0-1027.31~20.04.1 5.15.0-1028.32~20.04.1 5.15.0-1030.34~20.04.1 5.15.0-1031.35~20.04.1 5.15.0-1033.37~20.04.1 5.15.0-1034.38~20.04.1 5.15.0-1035.39~20.04.1 5.15.0-1036.40~20.04.1 5.15.0-1037.41~20.04.1 5.15.0-1038.43~20.04.1 5.15.0-1039.44~20.04.1 5.15.0-1040.45~20.04.1 5.15.0-1041.46~20.04.1 5.15.0-1043.48~20.04.1 5.15.0-1044.49~20.04.1 5.15.0-1045.50~20.04.1 5.15.0-1047.52~20.04.1 5.15.0-1048.53~20.04.1 5.15.0-1049.54~20.04.1 5.15.0-1050.55~20.04.1 5.15.0-1051.56~20.04.1 5.15.0-1052.57~20.04.1 5.15.0-1053.58~20.04.1 5.15.0-1055.60~20.04.1 5.15.0-1056.61~20.04.1 5.15.0-1057.63~20.04.1 5.15.0-1058.64~20.04.1 5.15.0-1061.67~20.04.1 5.15.0-1062.68~20.04.1 5.15.0-1063.69~20.04.1 5.15.0-1064.70~20.04.1 5.15.0-1065.71~20.04.1 5.15.0-1066.72~20.04.1 5.15.0-1067.73~20.04.1 5.15.0-1068.74~20.04.1
Released
Ubuntu 20.04 HWE Azure
5.15.0-1029.36~20.04.1
5.15.0-1022.27~20.04.1 5.15.0-1023.29~20.04.1 5.15.0-1021.26~20.04.1 5.15.0-1020.25~20.04.1 5.15.0-1017.20~20.04.1 5.15.0-1019.24~20.04.1 5.15.0-1008.9~20.04.1 5.15.0-1013.16~20.04.1 5.15.0-1014.17~20.04.1 5.15.0-1024.30~20.04.1 5.15.0-1034.41~20.04.1 5.15.0-1049.56~20.04.1 5.15.0-1050.57~20.04.1 5.15.0-1054.62~20.04.1 5.15.0-1056.64~20.04.1 5.15.0-1057.65~20.04.1 5.15.0-1058.66~20.04.2 5.15.0-1059.67~20.04.1 5.15.0-1060.69~20.04.1 5.15.0-1061.70~20.04.1 5.15.0-1063.72~20.04.1 5.15.0-1064.73~20.04.1 5.15.0-1067.76~20.04.1 5.15.0-1068.77~20.04.1 5.15.0-1065.74~20.04.1 5.15.0-1070.79~20.04.1 5.15.0-1071.80~20.04.1
Released
Ubuntu 20.04 GCP
In Progress
Debian 12
Planned
Ubuntu 24.04
Planned