PT-2024-32795 · Linux+6 · Linux Kernel+6

Published

2024-06-13

Updated

2026-03-13

CVE-2024-47752

CVSS v2.0

6.8

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58

Description A vulnerability in the Linux kernel has been identified, which can lead to a kernel crash when the fb variable is NULL. The issue is related to a smatch static checker warning in the vdec h264 req if.c file, specifically affecting the H264 stateless decoder.

Recommendations For versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable vdec h264 req if.c file until a patch is available.

Exploit

Fix

Use After Free

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-476

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-14046

AZL-50637

BDU:2024-08995

BDU:2025-13767

CVE-2024-47752

ECHO-FA1F-136F-F5DD

MGASA-2024-0344

MGASA-2024-0345

OESA-2024-2367

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2024_3984-1

OPENSUSE-SU-2024_3986-1

OPENSUSE-SU-2025:14705-1

SUSE-SU-2024:3984-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

USN-7276-1

USN-7277-1

USN-7301-1

USN-7303-1

USN-7303-2

USN-7303-3

USN-7304-1

USN-7310-1

USN-7311-1

USN-7384-1

USN-7384-2

USN-7385-1

USN-7386-1

USN-7403-1

Affected Products

Alt Linux

Astra Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2024-32795 · Linux+6 · Linux Kernel+6

CVE-2024-47752

Weakness Enumeration

Related Identifiers

Affected Products

References · 2304