CVE-2024-43831

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Handle invalid decoder vsi Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi is valid for future use.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1c109f23b271a02b9bb195c173fab41e3285a8db	Patch
https://git.kernel.org/stable/c/59d438f8e02ca641c58d77e1feffa000ff809e9f	Patch
https://git.kernel.org/stable/c/cdf05ae76198c513836bde4eb55f099c44773280	Patch
https://git.kernel.org/stable/c/dbd3e4adb98e50ede74f00b3fa956fa29ef95e6c	Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

03 Nov 2025, 20:16

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html -

10 Oct 2025, 13:52

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux Linux linux Kernel
CWE		NVD-CWE-noinfo
References	~~() https://git.kernel.org/stable/c/1c109f23b271a02b9bb195c173fab41e3285a8db -~~	() https://git.kernel.org/stable/c/1c109f23b271a02b9bb195c173fab41e3285a8db - Patch
References	~~() https://git.kernel.org/stable/c/59d438f8e02ca641c58d77e1feffa000ff809e9f -~~	() https://git.kernel.org/stable/c/59d438f8e02ca641c58d77e1feffa000ff809e9f - Patch
References	~~() https://git.kernel.org/stable/c/cdf05ae76198c513836bde4eb55f099c44773280 -~~	() https://git.kernel.org/stable/c/cdf05ae76198c513836bde4eb55f099c44773280 - Patch
References	~~() https://git.kernel.org/stable/c/dbd3e4adb98e50ede74f00b3fa956fa29ef95e6c -~~	() https://git.kernel.org/stable/c/dbd3e4adb98e50ede74f00b3fa956fa29ef95e6c - Patch

13 Mar 2025, 13:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/dbd3e4adb98e50ede74f00b3fa956fa29ef95e6c -

Information

Published : 2024-08-17 10:15

Updated : 2025-11-03 20:16

NVD link : CVE-2024-43831

Mitre link : CVE-2024-43831

CVE.ORG link : CVE-2024-43831

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10