PT-2024-35526 · Linux+3 · Linux Kernel+3

Published

2024-10-18

Updated

2025-09-29

CVE-2024-53062

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability has been resolved in the Linux kernel, specifically in the media driver mgb4, which was vulnerable to Spectre attacks. The frequency range is set from sysfs via the frequency range store() function, and the issue was reported by smatch. The vulnerability is related to potential Spectre issues in the mgb4 cmt set vin freq range() function, specifically with the cmt vals in and reg set variables.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-07228

CVE-2024-53062

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Ubuntu

PT-2024-35526 · Linux+3 · Linux Kernel+3

CVE-2024-53062

Weakness Enumeration

Related Identifiers

Affected Products

References · 1084