CVE-2024-53061 — Integer Underflow (Wrap or Wraparound) in Linux

CWE-191 — Integer Underflow (Wrap or Wraparound)81 documents8 sources

Severity

7.8HIGHNVD

OSV8.8OSV6.7OSV6.3OSV5.5OSV4.7

EPSS

0.0%

top 97.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +7 more

Timeline

PublishedNov 19

Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word = 0 assignment.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages12 packages

▶NVDlinux/linux_kernel4.4 — 4.19.324+7

▶Debianlinux/linux_kernel< 5.10.234-1+3

▶Ubuntulinux/linux_kernel< 5.4.0-208.228+3

▶msrcmsrc/azl3_kernel_6.6.57.1-7_on_azure_linux_3.0

▶msrcmsrc/azl3_kernel_6.6.64.2-1_on_azure_linux_3.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

linux-raspi-5.4 vulnerabilities↗2025-05-28

▶

OSV

linux-raspi vulnerabilities↗2025-05-28

▶

OSV

linux-raspi vulnerabilities↗2025-05-26

▶

OSV

linux-raspi-realtime vulnerabilities↗2025-05-20

▶

OSV

linux-azure-nvidia vulnerabilities↗2025-04-28

▶

📋Vendor Advisories

CISA ICS

Siemens Third-Party Components in SINEC OS↗2025-08-14

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2025-05-28

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2025-05-28

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2025-05-26

▶

Ubuntu

Linux kernel (Raspberry Pi Real-time) vulnerabilities↗2025-05-20

▶