CVE-2024-24861 LOW

CVE-2024-24861: Race condition vulnerability in Linux kernel media/xc4000 xc4000_get_frequency()

Vendor Linux
Product Linux kernel
Weakness CWE-362
Published February 5, 2024
Last update February 13, 2025

CVSS base score

3.3/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.

Key dates

02Disclosure timeline

February 5, 2024 CVE published
February 13, 2025 Record updated