fkie_nvd - fkie_cve-2024-50289

fkie_cve-2024-50289

Vulnerability from fkie_nvd

Published

2024-11-19 02:16

Modified

2024-11-19 21:57

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap) There is a spectre-related vulnerability at the code. Fix it.

References

▶	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/458ea1c0be991573ec436aa0afa23baacfae101a
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/f3927206c478bd249c225414f7a751752a30e7b9

Impacted products

	Vendor	Product	Version

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: av7110: fix a spectre vulnerability\n\nAs warned by smatch:\n\tdrivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue \u0027av7110-\u003eci_slot\u0027 [w] (local cap)\n\nThere is a spectre-related vulnerability at the code. Fix it."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: av7110: se corrige una vulnerabilidad de Spectre Como lo advirti\u00f3 smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue \u0027av7110-\u0026gt;ci_slot\u0027 [w] (local cap) Hay una vulnerabilidad relacionada con Spectre en el c\u00f3digo. Arr\u00e9glenla."
    }
  ],
  "id": "CVE-2024-50289",
  "lastModified": "2024-11-19T21:57:32.967",
  "metrics": {},
  "published": "2024-11-19T02:16:31.117",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/458ea1c0be991573ec436aa0afa23baacfae101a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/f3927206c478bd249c225414f7a751752a30e7b9"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

CVE-2024-50289 (GCVE-0-2024-50289)

Vulnerability from cvelistv5

Published

2024-11-19 01:30

Modified

2025-05-04 09:50

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap) There is a spectre-related vulnerability at the code. Fix it.

References

►

URL

Tags

	https://git.kernel.org/stable/c/f3927206c478bd249c225414f7a751752a30e7b9
	https://git.kernel.org/stable/c/458ea1c0be991573ec436aa0afa23baacfae101a

Impacted products

Vendor

Product

Version

►

Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version: 2.6.12

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/staging/media/av7110/av7110.h",
            "drivers/staging/media/av7110/av7110_ca.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f3927206c478bd249c225414f7a751752a30e7b9",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "458ea1c0be991573ec436aa0afa23baacfae101a",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/staging/media/av7110/av7110.h",
            "drivers/staging/media/av7110/av7110_ca.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.12"
            },
            {
              "lessThan": "2.6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.11.*",
              "status": "unaffected",
              "version": "6.11.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.12",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.11.8",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: av7110: fix a spectre vulnerability\n\nAs warned by smatch:\n\tdrivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue \u0027av7110-\u003eci_slot\u0027 [w] (local cap)\n\nThere is a spectre-related vulnerability at the code. Fix it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:50:56.203Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f3927206c478bd249c225414f7a751752a30e7b9"
        },
        {
          "url": "https://git.kernel.org/stable/c/458ea1c0be991573ec436aa0afa23baacfae101a"
        }
      ],
      "title": "media: av7110: fix a spectre vulnerability",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-50289",
    "datePublished": "2024-11-19T01:30:34.029Z",
    "dateReserved": "2024-10-21T19:36:19.984Z",
    "dateUpdated": "2025-05-04T09:50:56.203Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.