CVE-2024-57834

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A null pointer dereference issue has been identified in the Linux kernel, specifically in the vidtv mux stop thread function. This issue occurs when the dvb->mux is not initialized successfully by vidtv mux init() in the vidtv start streaming() function, leading to a null pointer dereference when stopping the streaming. The issue is resolved by adjusting the timing of streaming initialization and checking it before stopping.

Recommendations For Linux kernel versions prior to the fixed version, adjust the timing of streaming initialization and check it before stopping to prevent the null pointer dereference issue. As a temporary workaround, consider disabling the vidtv mux stop thread function until a patch is available. Restrict access to the vulnerable vidtv mux module to minimize the risk of exploitation. Avoid using the dvb->mux variable in the affected API endpoints until the issue is resolved.