CVE-2024-27075

media: dvb-frontends: avoid stack overflow warnings with clang

Description

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch worked around a KASAN issue in stv0367, now a similar problem showed up with clang: drivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in 'stv0367ter_set_frontend' [-Werror,-Wframe-larger-than] 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe) Rework the stv0367_writereg() function to be simpler and mark both register access functions as noinline_for_stack so the temporary i2c_msg structures do not get duplicated on the stack when KASAN_STACK is enabled.

N/A
CVSS
Severity:
EPSS 0.27%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/c073c8cede5abd3836e83d70d72606d11d0759d4
https://git.kernel.org/stable/c/fa8b472952ef46eb632825051078c21ce0cafe55
https://git.kernel.org/stable/c/fb07104a02e87c06c39914d13ed67fd8f839ca82
https://git.kernel.org/stable/c/d20b64f156de5d10410963fe238d82a4e7e97a2f
https://git.kernel.org/stable/c/107052a8cfeff3a97326277192b4f052e4860a8a
https://git.kernel.org/stable/c/8fad9c5bb00d3a9508d18bbfe832e33a47377730
https://git.kernel.org/stable/c/d6b4895197ab5a47cb81c6852d49320b05052960
https://git.kernel.org/stable/c/ed514ecf4f29c80a2f09ae3c877059b401efe893
https://git.kernel.org/stable/c/7a4cf27d1f0538f779bf31b8c99eda394e277119
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Frequently Asked Questions

What is the severity of CVE-2024-27075?
CVE-2024-27075 has not yet been assigned a CVSS score.
How to fix CVE-2024-27075?
To fix CVE-2024-27075, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-27075 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-27075 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-27075?
CVE-2024-27075 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.