CVE-2024-47753

media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning

Description

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning Fix a smatch static checker warning on vdec_vp8_req_if.c. Which leads to a kernel crash when fb is NULL.

References

Link	Tags
https://git.kernel.org/stable/c/4e0713c79cf5d0b549fa855e230ade1ff83c27d7
https://git.kernel.org/stable/c/dbe5b7373801c261f3ea118145fbb2caac5f9324	patch
https://git.kernel.org/stable/c/35cc704622b3a9bc02a4755d5ba80238eee3cdc2	patch
https://git.kernel.org/stable/c/3167aa42941b68405a092df114453ef0f1b09c2c	patch
https://git.kernel.org/stable/c/b113bc7c0e83b32f4dd2d291a2b6c4803e0a2c44	patch

Frequently Asked Questions

What is the severity of CVE-2024-47753?: CVE-2024-47753 has been scored as a medium severity vulnerability.
How to fix CVE-2024-47753?: To fix CVE-2024-47753, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-47753 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-47753 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-47753?: CVE-2024-47753 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-476 – NULL Pointer Dereference

References

Frequently Asked Questions