SB20240531359 - Memory leak in Linux kernel common v4l2-tpg driver
Published: May 31, 2024 Updated: May 14, 2025
Security Bulletin ID
SB20240531359
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2024-27078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpg_alloc() function in drivers/media/common/v4l2-tpg/v4l2-tpg-core.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0de691ff547d86dd54c24b40a81f9c925df8dd77
- https://git.kernel.org/stable/c/8269ab16415f2065cd792c49b0475543936cbd79
- https://git.kernel.org/stable/c/94303a06e1852a366e9671fff46d19459f88cb28
- https://git.kernel.org/stable/c/770a57922ce36a8476c43f7400b6501c554ea511
- https://git.kernel.org/stable/c/6bf5c2fade8ed53b2d26fa9875e5b04f36c7145d
- https://git.kernel.org/stable/c/4c86c772fef06f5d7a66151bac42366825db0941
- https://git.kernel.org/stable/c/31096da07933598da8522c54bd007376fb152a09
- https://git.kernel.org/stable/c/622b1cf38521569869c8f7b9fbe9e4f1a289add7
- https://git.kernel.org/stable/c/8cf9c5051076e0eb958f4361d50d8b0c3ee6691c
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.311
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.214
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.153
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.273
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.83
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.23
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.11
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.2