CVE-2024-43833

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 17, 2024
Updated: Aug 19, 2024
CWE ID 476

Summary

CVE-2024-43833 is a vulnerability identified in the Linux kernel that affects the handling of ancillary links in the v4l2_async_create_ancillary_links function. This function creates ancillary links for lens and flash sub-devices in the v4l2 driver. If the async notifier is related to a V4L2 device, the source sub-device of the ancillary link can be NULL, resulting in a NULL pointer dereference. This issue has been resolved by checking that the notifier's sd field is non-NULL before proceeding in the function.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share