CVE-2024-50287

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-50287
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50287.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50287
Downstream
Related
Published
2024-11-19T01:30:31.338Z
Modified
2026-05-15T11:54:33.106980302Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
media: v4l2-tpg: prevent the risk of a division by zero
Details

In the Linux kernel, the following vulnerability has been resolved:

media: v4l2-tpg: prevent the risk of a division by zero

As reported by Coverity, the logic at tpgprecalculateline() blindly rescales the buffer even when scaled_witdh is equal to zero. If this ever happens, this will cause a division by zero.

Instead, add a WARNONONCE() to trigger such cases and return without doing any precalculation.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50287.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.18.0
Fixed
4.19.324
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.286
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.230
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.172
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.117
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.61
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.8

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50287.json"