CVE-2024-50288

MEDIUM 5.5

media: vivid: fix buffer overwrite when using > 32 buffers

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix buffer overwrite when using > 32 buffers The maximum number of buffers that can be requested was increased to 64 for the video capture queue. But video capture used a must_blank array that was still sized for 32 (VIDEO_MAX_FRAME). This caused an out-of-bounds write when using buffer indices >= 32. Create a new define MAX_VID_CAP_BUFFERS that is used to access the must_blank array and set max_num_buffers for the video capture queue. This solves a crash reported by: https://bugzilla.kernel.org/show_bug.cgi?id=219258

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Nov 19, 2024
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

cea70ed416b428f8214be196d62cc7ffaa11f1b8 < e6bacd8f2178b22859fe6d9f755f19dfcd9d3862 cea70ed416b428f8214be196d62cc7ffaa11f1b8 < 96d8569563916fe2f8fe17317e20e43f54f9ba4b

Linux / Linux

6.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/e6bacd8f2178b22859fe6d9f755f19dfcd9d3862 git.kernel.org: https://git.kernel.org/stable/c/96d8569563916fe2f8fe17317e20e43f54f9ba4b