CVE-2024-27077

media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity

Description

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity The entity->name (i.e. name) is allocated in v4l2_m2m_register_entity but isn't freed in its following error-handling paths. This patch adds such deallocation to prevent memleak of entity->name.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/3dd8abb0ed0e0a7c66d6d677c86ccb188cc39333 patch
https://git.kernel.org/stable/c/0175f2d34c85744f9ad6554f696cf0afb5bd04e4 patch
https://git.kernel.org/stable/c/afd2a82fe300032f63f8be5d6cd6981e75f8bbf2 patch
https://git.kernel.org/stable/c/dc866b69cc51af9b8509b4731b8ce2a4950cd0ef patch
https://git.kernel.org/stable/c/0c9550b032de48d6a7fa6a4ddc09699d64d9300d patch
https://git.kernel.org/stable/c/90029b9c979b60de5cb2b70ade4bbf61d561bc5d patch
https://git.kernel.org/stable/c/5dc319cc3c4f7b74f7dfba349aa26f87efb52458 patch
https://git.kernel.org/stable/c/9c23ef30e840fedc66948299509f6c2777c9cf4f patch
https://git.kernel.org/stable/c/8f94b49a5b5d386c038e355bef6347298aabd211 patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html patch

Frequently Asked Questions

What is the severity of CVE-2024-27077?
CVE-2024-27077 has been scored as a medium severity vulnerability.
How to fix CVE-2024-27077?
To fix CVE-2024-27077, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-27077 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-27077 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-27077?
CVE-2024-27077 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.