CVE-2024-58002

media: uvcvideo: Remove dangling pointers

Severity Score

7.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle
that started the operation. That pointer will be used when the device is
done. Which could be anytime in the future. If the user closes that file descriptor, its structure will be freed,
and there will be one dangling pointer per pending async control, that
the driver will try to use. Clean all the dangling pointers during release(). To avoid adding a performance penalty in the most common case (no async
operation), a counter has been introduced with some logic to make sure
that it is properly handled.

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the operation. That pointer will be used when the device is done. Which could be anytime in the future. If the user closes that file descriptor, its structure will be freed, and there will be one dangling pointer per pending async control, that the driver will try to use. Clean all the dangling pointers during release(). To avoid adding a performance penalty in the most common case (no async operation), a counter has been introduced with some logic to make sure that it is properly handled.

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-27 CVE Reserved
2025-02-27 CVE Published
2025-03-24 CVE Updated
2025-03-31 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/e5225c820c057537dc780244760e2e24c7d27366	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/2a29413ace64627e178fd422dd8a5d95219a2c0b	2025-03-13
https://git.kernel.org/stable/c/653993f46861f2971e95e9a0e36a34b49dec542c	2025-03-13
https://git.kernel.org/stable/c/117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50	2025-03-13
https://git.kernel.org/stable/c/ac18d781466252cd35a3e311e0a4b264260fd927	2025-03-07
https://git.kernel.org/stable/c/4dbaa738c583a0e947803c69e8996e88cf98d971	2025-02-27
https://git.kernel.org/stable/c/438bda062b2c40ddd7df23b932e29ffe0a448cac	2025-02-17
https://git.kernel.org/stable/c/9edc7d25f7e49c33a1ce7a5ffadea2222065516c	2025-02-17
https://git.kernel.org/stable/c/221cd51efe4565501a3dbf04cc011b537dcce7fb	2024-12-19

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.4.291 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.4.291"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.10.235 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.10.235"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.15.179 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.15.179"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.1.130 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.1.130"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.6.80 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.6.80"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.12.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.12.14"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.13.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.13.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.14"		en		Affected