CVE-2024-56705

media: atomisp: Add check for rgby_data memory allocation failure

Description

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgby_data memory allocation failure In ia_css_3a_statistics_allocate(), there is no check on the allocation result of the rgby_data memory. If rgby_data is not successfully allocated, it may trigger the assert(host_stats->rgby_data) assertion in ia_css_s3a_hmem_decode(). Adding a check to fix this potential issue.

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654
https://git.kernel.org/stable/c/0c24b82bc4d12c6a58ceacbf2598cd4df63abf9a
https://git.kernel.org/stable/c/4676e50444046b498555b849e6080a5c78cdda9b
https://git.kernel.org/stable/c/02a97d9d7ff605fa4a1f908d1bd3ad8573234b61
https://git.kernel.org/stable/c/8066badaf7463194473fb4be19dbe50b11969aa0
https://git.kernel.org/stable/c/74aa783682c4d78c69d87898e40c78df1fec204e
https://git.kernel.org/stable/c/0c25ab93f2878cab07d37ca5afd302283201e5af
https://git.kernel.org/stable/c/ed61c59139509f76d3592683c90dc3fdc6e23cd6

Frequently Asked Questions

What is the severity of CVE-2024-56705?
CVE-2024-56705 has not yet been assigned a CVSS score.
How to fix CVE-2024-56705?
To fix CVE-2024-56705, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-56705 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-56705 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-56705?
CVE-2024-56705 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.