#VU100733 Buffer overflow in Linux kernel - CVE-2024-53061

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the exynos4_jpeg_parse_decode_h_tbl(), get_word_be() and s5p_jpeg_parse_hdr() functions in drivers/media/platform/s5p-jpeg/jpeg-core.c. A local user can escalate privileges on the system.

Remediation

External links

• https://git.kernel.org/stable/c/c5f6fefcda8fac8f082b6c5bf416567f4e100c51
• https://git.kernel.org/stable/c/e5117f6e7adcf9fd7546cdd0edc9abe4474bc98b
• https://git.kernel.org/stable/c/f54e8e1e39dacccebcfb9a9a36f0552a0a97e2ef
• https://git.kernel.org/stable/c/a930cddfd153b5d4401df0c01effa14c831ff21e
• https://git.kernel.org/stable/c/c85db2d4432de4ff9d97006691ce2dcb5bda660e
• https://git.kernel.org/stable/c/784bc785a453eb2f8433dd62075befdfa1b2d6fd
• https://git.kernel.org/stable/c/c951a0859fdacf49a2298b5551a7e52b95ff6f51
• https://git.kernel.org/stable/c/14a22762c3daeac59a5a534e124acbb4d7a79b3a
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.324
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.230
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.172
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.286
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.117
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.8
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.61