{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-35919", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.123Z", "datePublished": "2024-05-19T10:10:31.707Z", "dateUpdated": "2024-11-05T09:25:02.329Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:25:02.329Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: adding lock to protect encoder context list\n\nAdd a lock for the ctx_list, to avoid accessing a NULL pointer\nwithin the 'vpu_enc_ipi_handler' function when the ctx_list has\nbeen deleted due to an unexpected behavior on the SCP IP block."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c", "drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.c", "drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.h", "drivers/media/platform/mediatek/vcodec/encoder/venc_vpu_if.c"], "versions": [{"version": "1972e32431ed", "lessThan": "41671f0c0182", "status": "affected", "versionType": "git"}, {"version": "1972e32431ed", "lessThan": "51c84a8aac6e", "status": "affected", "versionType": "git"}, {"version": "1972e32431ed", "lessThan": "afaaf3a0f647", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c", "drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.c", "drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.h", "drivers/media/platform/mediatek/vcodec/encoder/venc_vpu_if.c"], "versions": [{"version": "6.6", "status": "affected"}, {"version": "0", "lessThan": "6.6", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.27", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.6", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/41671f0c0182b2bae74ca7e3b0f155559e3e2fc5"}, {"url": "https://git.kernel.org/stable/c/51c84a8aac6e3b59af2b0e92ba63cabe2e641a2d"}, {"url": "https://git.kernel.org/stable/c/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad"}], "title": "media: mediatek: vcodec: adding lock to protect encoder context list", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1972e32431ed", "status": "affected", "lessThan": "41671f0c0182", "versionType": "custom"}, {"version": "1972e32431ed", "status": "affected", "lessThan": "51c84a8aac6e", "versionType": "custom"}, {"version": "1972e32431ed", "status": "affected", "lessThan": "afaaf3a0f647", "versionType": "custom"}, {"version": "6.6", "status": "affected"}, {"version": "0", "status": "affected", "lessThan": "6.6*", "versionType": "custom"}, {"version": "6.6.27", "status": "affected", "lessThanOrEqual": "6.6*", "versionType": "custom"}, {"version": "6.8.6", "status": "affected", "lessThanOrEqual": "6.8*", "versionType": "custom"}, {"version": "6.9", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-31T14:03:42.763507Z", "id": "CVE-2024-35919", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-31T14:08:27.502Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.013Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/41671f0c0182b2bae74ca7e3b0f155559e3e2fc5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/51c84a8aac6e3b59af2b0e92ba63cabe2e641a2d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/41671f0c0182b2bae74ca7e3b0f155559e3e2fc5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/51c84a8aac6e3b59af2b0e92ba63cabe2e641a2d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.013Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-35919", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-31T14:03:42.763507Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "1972e32431ed", "lessThan": "41671f0c0182", "versionType": "custom"}, {"status": "affected", "version": "1972e32431ed", "lessThan": "51c84a8aac6e", "versionType": "custom"}, {"status": "affected", "version": "1972e32431ed", "lessThan": "afaaf3a0f647", "versionType": "custom"}, {"status": "affected", "version": "6.6"}, {"status": "affected", "version": "0", "lessThan": "6.6*", "versionType": "custom"}, {"status": "affected", "version": "6.6.27", "versionType": "custom", "lessThanOrEqual": "6.6*"}, {"status": "affected", "version": "6.8.6", "versionType": "custom", "lessThanOrEqual": "6.8*"}, {"status": "affected", "version": "6.9", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-18T16:52:26.945Z"}}], "cna": {"title": "media: mediatek: vcodec: adding lock to protect encoder context list", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1972e32431ed", "lessThan": "41671f0c0182", "versionType": "git"}, {"status": "affected", "version": "1972e32431ed", "lessThan": "51c84a8aac6e", "versionType": "git"}, {"status": "affected", "version": "1972e32431ed", "lessThan": "afaaf3a0f647", "versionType": "git"}], "programFiles": ["drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c", "drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.c", "drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.h", "drivers/media/platform/mediatek/vcodec/encoder/venc_vpu_if.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.6"}, {"status": "unaffected", "version": "0", "lessThan": "6.6", "versionType": "custom"}, {"status": "unaffected", "version": "6.6.27", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.6", "versionType": "custom", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c", "drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.c", "drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.h", "drivers/media/platform/mediatek/vcodec/encoder/venc_vpu_if.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/41671f0c0182b2bae74ca7e3b0f155559e3e2fc5"}, {"url": "https://git.kernel.org/stable/c/51c84a8aac6e3b59af2b0e92ba63cabe2e641a2d"}, {"url": "https://git.kernel.org/stable/c/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: adding lock to protect encoder context list\n\nAdd a lock for the ctx_list, to avoid accessing a NULL pointer\nwithin the 'vpu_enc_ipi_handler' function when the ctx_list has\nbeen deleted due to an unexpected behavior on the SCP IP block."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:31:15.728Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35919", "state": "PUBLISHED", "dateUpdated": "2024-10-31T14:08:27.502Z", "dateReserved": "2024-05-17T13:50:33.123Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-19T10:10:31.707Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: adding lock to protect encoder context list\n\nAdd a lock for the ctx_list, to avoid accessing a NULL pointer\nwithin the 'vpu_enc_ipi_handler' function when the ctx_list has\nbeen deleted due to an unexpected behavior on the SCP IP block."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: mediatek: vcodec: a\u00f1adir bloqueo para proteger la lista de contexto del codificador. Agregue un bloqueo para ctx_list, para evitar acceder a un puntero NULL dentro de la funci\u00f3n 'vpu_enc_ipi_handler' cuando se ha eliminado ctx_list debido a un comportamiento inesperado en el bloque de IP de SCP."}], "id": "CVE-2024-35919", "lastModified": "2024-10-31T14:35:15.330", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-19T11:15:48.303", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/41671f0c0182b2bae74ca7e3b0f155559e3e2fc5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/51c84a8aac6e3b59af2b0e92ba63cabe2e641a2d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: media: mediatek: vcodec: adding lock to protect encoder context list", "id": "2281777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281777"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmedia: mediatek: vcodec: adding lock to protect encoder context list\nAdd a lock for the ctx_list, to avoid accessing a NULL pointer\nwithin the 'vpu_enc_ipi_handler' function when the ctx_list has\nbeen deleted due to an unexpected behavior on the SCP IP block.", "A vulnerability was found in the Linux kernel's MediaTek vcodec driver, where the lack of a lock for the encoder context list (`ctx_list`) could lead to accessing a NULL pointer in the `vpu_enc_ipi_handler` function. This issue occurs when the context list is deleted unexpectedly due to a behavior in the SCP IP block."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35919", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35919\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35919\nhttps://lore.kernel.org/linux-cve-announce/2024051913-CVE-2024-35919-b10c@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 6.6.27, kernel 6.8.6, kernel 6.9"}