CVE-2024-42223

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 30, 2024

Updated: Aug 2, 2024

CWE ID 190

Summary

CVE-2024-42223 is a newly identified vulnerability in the Linux kernel that affects the media driver dvb-frontends for the tda10048 chip. The issue arises from an integer overflow in the calculation of state->xtal_hz, which can be up to 16M. When this value is multiplied by pll_mfactor, a 32-bit integer overflow can occur. To mitigate this vulnerability, a new 64-bit variable has been introduced to hold the calculations and prevent potential integer overflows.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xVhaqk
https://www.cve.org/CVERecord?id=CVE-2024-42223
https://nvd.nist.gov/vuln/detail/CVE-2024-42223

Back to Vulnerability Database

CVE-2024-42223

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations