How severe is CVE-2024-42237?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-42237?

This is classified as CWE-834, which is a common weakness in software security.

CVE-2024-42237

MEDIUM Year: 2024

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-834

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load() to be done before the block is processed. The check that the length of a block payload does not exceed the number of remaining bytes in the firwmware file buffer was being done near the end of the loop iteration. However, some code before that check used the length field without validating it.

CVE-2017-0775

MEDIUM

CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673179.

CWE-8342017

CVE-2017-11549

MEDIUM

CVSS:5.5(Medium)

The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mid file. NOTE: CPU consumption might be r...

CWE-8342017

CVE-2017-13279

MEDIUM

CVSS:5.5(Medium)

In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional execution...

CWE-8342017

CVE-2017-9253

MEDIUM

CVSS:5.5(Medium)

The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a craf...

CWE-8342017

CVE-2017-9254

MEDIUM

CVSS:5.5(Medium)

The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a craf...

CWE-8342017

CVE-2017-9255

MEDIUM

CVSS:5.5(Medium)

The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a craf...

CWE-8342017

CVE-2024-42237

Vulnerability Description

Related Vulnerabilities

CVE-2017-0775

CVE-2017-11549

CVE-2017-13279

CVE-2017-9253

CVE-2017-9254

CVE-2017-9255