Bug 1219624 (CVE-2024-24864)

Summary: VUL-0: CVE-2024-24864: kernel: null pointer dereference due to race condition in media/dvb-core in dvbdmx_write() function
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED WONTFIX QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: andrea.mattiazzo, thomas.leroy, vasant.karasulli
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/393028/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-24864:4.7:(AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-02-06 11:58:03 UTC 
A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24864
https://www.cve.org/CVERecord?id=CVE-2024-24864
https://bugzilla.openanolis.cn/show_bug.cgi?id=8178
Comment 6 Takashi Iwai 2024-03-04 10:56:01 UTC 
The upstream doesn't fix this, and the suggested bug is harmless in practice, as there is already another mutex held in the code path in drivers/media/dvb-core/dmxdev.c.

This should be disputed / WONTFIX.

Reasigned back to security team.
Comment 7 Thomas Leroy 2024-07-05 15:19:45 UTC 
Agreed for WONTFIX, closing