PT-2024-29796 · Linux+6 · Linux Kernel+6

Dan Carpenter

·

Published

2024-05-03

·

Updated

2025-09-29

·

CVE-2024-42223

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to an integer overflow in the tda10048 function of the Linux kernel's media component. Specifically, the state->xtal hz value can be up to 16M, which can cause an overflow when multiplied by pll mfactor due to the 32-bit integer limit. To resolve this, a new 64-bit variable is created to hold the calculations. The vulnerability can be exploited to cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-10465
ALT-PU-2024-10467
ALT-PU-2024-10855
ALT-PU-2024-11524
ALT-PU-2024-12537
ALT-PU-2024-13979
ALT-PU-2024-14046
AZL-47364
AZL-47397
BDU:2025-01419
CVE-2024-42223
DLA-4008-1
DSA-5747-1
MGASA-2024-0277
MGASA-2024-0278
OESA-2024-1992
OESA-2024-1993
OESA-2024-1994
OESA-2024-1995
OESA-2024-1996
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
SUSE-SU-2024:2892-1
SUSE-SU-2024:2901-1
SUSE-SU-2024:2940-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7003-1
USN-7003-2
USN-7003-3
USN-7003-4
USN-7003-5
USN-7006-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7009-1
USN-7009-2
USN-7019-1
USN-7069-1
USN-7069-2
USN-7089-1
USN-7089-2
USN-7089-3
USN-7089-4
USN-7089-5
USN-7089-6
USN-7089-7
USN-7090-1
USN-7095-1
USN-7110-1
USN-7156-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu