CVE-2024-56769

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 6, 2025
Updated: Jan 9, 2025
CWE ID 908

Summary

CVE-2024-56769 is a vulnerability in the Linux kernel's media driver, specifically in the dvb-frontends module for the dib3000mb DVB frontend. An uninitialized value issue was discovered in the function dib3000_read_reg(), where a local buffer used in an i2c transfer call may contain undefined values if the transfer fails. This issue was identified using KMSAN and could lead to potential security vulnerabilities. To mitigate the problem, the affected code has been updated to zero out the buffer before use in dib3000_write_reg().

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share