CVE-2024-53061

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-191
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word = 0 assignment.

Related Vulnerabilities

CVE-2014-9626

HIGH
CVSS:7.8(High)

Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspe...

CWE-1912014

CVE-2014-9883

HIGH
CVSS:7.8(High)

Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive informa...

CWE-1912014

CVE-2016-10268

HIGH
CVSS:7.8(High)

tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF i...

CWE-1912016

CVE-2017-18278

HIGH
CVSS:7.8(High)

An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer ov...

CWE-1912017

CVE-2017-3034

HIGH
CVSS:7.8(High)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, rel...

CWE-1912017

CVE-2017-7367

HIGH
CVSS:7.8(High)

In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image.

CWE-1912017