CVE-2024-27078

media: v4l2-tpg: fix some memleaks in tpg_alloc

Description

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpg_free is called only when tpg_alloc return 0.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/0de691ff547d86dd54c24b40a81f9c925df8dd77 patch
https://git.kernel.org/stable/c/8269ab16415f2065cd792c49b0475543936cbd79 patch
https://git.kernel.org/stable/c/94303a06e1852a366e9671fff46d19459f88cb28 patch
https://git.kernel.org/stable/c/770a57922ce36a8476c43f7400b6501c554ea511 patch
https://git.kernel.org/stable/c/6bf5c2fade8ed53b2d26fa9875e5b04f36c7145d patch
https://git.kernel.org/stable/c/4c86c772fef06f5d7a66151bac42366825db0941 patch
https://git.kernel.org/stable/c/31096da07933598da8522c54bd007376fb152a09 patch
https://git.kernel.org/stable/c/622b1cf38521569869c8f7b9fbe9e4f1a289add7 patch
https://git.kernel.org/stable/c/8cf9c5051076e0eb958f4361d50d8b0c3ee6691c patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html mailing list
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html mailing list

Frequently Asked Questions

What is the severity of CVE-2024-27078?
CVE-2024-27078 has been scored as a medium severity vulnerability.
How to fix CVE-2024-27078?
To fix CVE-2024-27078, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-27078 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-27078 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-27078?
CVE-2024-27078 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.