CVE-2024-43833
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-43833
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43833.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-43833
- Downstream
- Related
- Published
- 2024-08-17T09:21:50.890Z
- Modified
- 2025-11-20T05:57:17.913922Z
- Summary
- media: v4l: async: Fix NULL pointer dereference in adding ancillary links
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
media: v4l: async: Fix NULL pointer dereference in adding ancillary links
In v4l2asynccreateancillarylinks(), ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async notifier is related to a V4L2 device, the source sub-device of the ancillary link is NULL, leading to a NULL pointer dereference. Check the notifier's sd field is non-NULL in v4l2asynccreateancillarylinks().
[Sakari Ailus: Reword the subject and commit messages slightly.]
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/249212ceb4187783af3801c57b92a5a25d410621
- https://git.kernel.org/stable/c/9b4667ea67854f0b116fe22ad11ef5628c5b5b5f
- https://git.kernel.org/stable/c/b87e28050d9b0959de24574d587825cfab2f13fb
- https://git.kernel.org/stable/c/fe0f92fd5320b393e44ca210805e653ea90cc982
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedaa4faf6eb27132532d5a133d9241254c16d4bafaFixedfe0f92fd5320b393e44ca210805e653ea90cc982
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedaa4faf6eb27132532d5a133d9241254c16d4bafaFixed249212ceb4187783af3801c57b92a5a25d410621
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedaa4faf6eb27132532d5a133d9241254c16d4bafaFixedb87e28050d9b0959de24574d587825cfab2f13fb
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedaa4faf6eb27132532d5a133d9241254c16d4bafaFixed9b4667ea67854f0b116fe22ad11ef5628c5b5b5f
Affected versions
v5.*
v5.18
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.100
v6.1.101
v6.1.102
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.9
v6.1.90
v6.1.91
v6.1.92
v6.1.93
v6.1.94
v6.1.95
v6.1.96
v6.1.97
v6.1.98
v6.1.99
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"id": "CVE-2024-43833-2618a6c2",
"target": {
"file": "drivers/media/v4l2-core/v4l2-async.c",
"function": "v4l2_async_create_ancillary_links"
},
"digest": {
"function_hash": "137471252171683841680995072254084702884",
"length": 362.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe0f92fd5320b393e44ca210805e653ea90cc982",
"signature_version": "v1"
},
{
"id": "CVE-2024-43833-2726e8a9",
"target": {
"file": "drivers/media/v4l2-core/v4l2-async.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"236534008121251054595213167591771396210",
"158924357557689816183512726828237569061",
"284589501284120632898852674180029141432"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe0f92fd5320b393e44ca210805e653ea90cc982",
"signature_version": "v1"
},
{
"id": "CVE-2024-43833-2bad454e",
"target": {
"file": "drivers/media/v4l2-core/v4l2-async.c",
"function": "v4l2_async_create_ancillary_links"
},
"digest": {
"function_hash": "137471252171683841680995072254084702884",
"length": 362.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@249212ceb4187783af3801c57b92a5a25d410621",
"signature_version": "v1"
},
{
"id": "CVE-2024-43833-4bf5d6d4",
"target": {
"file": "drivers/media/v4l2-core/v4l2-async.c",
"function": "v4l2_async_create_ancillary_links"
},
"digest": {
"function_hash": "260038797209462195969694840591461384170",
"length": 373.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b87e28050d9b0959de24574d587825cfab2f13fb",
"signature_version": "v1"
},
{
"id": "CVE-2024-43833-4f1c1079",
"target": {
"file": "drivers/media/v4l2-core/v4l2-async.c",
"function": "v4l2_async_create_ancillary_links"
},
"digest": {
"function_hash": "260038797209462195969694840591461384170",
"length": 373.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b4667ea67854f0b116fe22ad11ef5628c5b5b5f",
"signature_version": "v1"
},
{
"id": "CVE-2024-43833-a080b07a",
"target": {
"file": "drivers/media/v4l2-core/v4l2-async.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"236534008121251054595213167591771396210",
"158924357557689816183512726828237569061",
"284589501284120632898852674180029141432"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@249212ceb4187783af3801c57b92a5a25d410621",
"signature_version": "v1"
},
{
"id": "CVE-2024-43833-d6bba6a1",
"target": {
"file": "drivers/media/v4l2-core/v4l2-async.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"236534008121251054595213167591771396210",
"121638348646210686690324149975032188871",
"126595866025783941161141141072371028928"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b87e28050d9b0959de24574d587825cfab2f13fb",
"signature_version": "v1"
},
{
"id": "CVE-2024-43833-dbe46f99",
"target": {
"file": "drivers/media/v4l2-core/v4l2-async.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"236534008121251054595213167591771396210",
"121638348646210686690324149975032188871",
"126595866025783941161141141072371028928"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b4667ea67854f0b116fe22ad11ef5628c5b5b5f",
"signature_version": "v1"
}
]