CVE-2024-27075
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/05/2024
Last modified:
23/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
media: dvb-frontends: avoid stack overflow warnings with clang<br />
<br />
A previous patch worked around a KASAN issue in stv0367, now a similar<br />
problem showed up with clang:<br />
<br />
drivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in &#39;stv0367ter_set_frontend&#39; [-Werror,-Wframe-larger-than]<br />
1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe)<br />
<br />
Rework the stv0367_writereg() function to be simpler and mark both<br />
register access functions as noinline_for_stack so the temporary<br />
i2c_msg structures do not get duplicated on the stack when KASAN_STACK<br />
is enabled.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.4.168 (including) | 4.5 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.9.82 (including) | 4.10 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.14.20 (including) | 4.15 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15.4 (including) | 4.19.311 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.273 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.214 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.153 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.83 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.23 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.11 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.8 (including) | 6.8.2 (excluding) |
| cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/107052a8cfeff3a97326277192b4f052e4860a8a
- https://git.kernel.org/stable/c/7a4cf27d1f0538f779bf31b8c99eda394e277119
- https://git.kernel.org/stable/c/8fad9c5bb00d3a9508d18bbfe832e33a47377730
- https://git.kernel.org/stable/c/c073c8cede5abd3836e83d70d72606d11d0759d4
- https://git.kernel.org/stable/c/d20b64f156de5d10410963fe238d82a4e7e97a2f
- https://git.kernel.org/stable/c/d6b4895197ab5a47cb81c6852d49320b05052960
- https://git.kernel.org/stable/c/ed514ecf4f29c80a2f09ae3c877059b401efe893
- https://git.kernel.org/stable/c/fa8b472952ef46eb632825051078c21ce0cafe55
- https://git.kernel.org/stable/c/fb07104a02e87c06c39914d13ed67fd8f839ca82
- https://git.kernel.org/stable/c/107052a8cfeff3a97326277192b4f052e4860a8a
- https://git.kernel.org/stable/c/7a4cf27d1f0538f779bf31b8c99eda394e277119
- https://git.kernel.org/stable/c/8fad9c5bb00d3a9508d18bbfe832e33a47377730
- https://git.kernel.org/stable/c/c073c8cede5abd3836e83d70d72606d11d0759d4
- https://git.kernel.org/stable/c/d20b64f156de5d10410963fe238d82a4e7e97a2f
- https://git.kernel.org/stable/c/d6b4895197ab5a47cb81c6852d49320b05052960
- https://git.kernel.org/stable/c/ed514ecf4f29c80a2f09ae3c877059b401efe893
- https://git.kernel.org/stable/c/fa8b472952ef46eb632825051078c21ce0cafe55
- https://git.kernel.org/stable/c/fb07104a02e87c06c39914d13ed67fd8f839ca82
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html