Unrated severityNVD Advisory· Published Feb 27, 2025· Updated Nov 3, 2025
media: uvcvideo: Remove dangling pointers
CVE-2024-58002
Description
In the Linux kernel, the following vulnerability has been resolved:
media: uvcvideo: Remove dangling pointers
When an async control is written, we copy a pointer to the file handle that started the operation. That pointer will be used when the device is done. Which could be anytime in the future.
If the user closes that file descriptor, its structure will be freed, and there will be one dangling pointer per pending async control, that the driver will try to use.
Clean all the dangling pointers during release().
To avoid adding a performance penalty in the most common case (no async operation), a counter has been introduced with some logic to make sure that it is properly handled.
Affected products
141- osv-coords139 versionspkg:deb/ubuntu/linux-aws@6.11.0-1014.15?arch=source&distro=oracularpkg:rpm/almalinux/bpftoolpkg:rpm/almalinux/kernelpkg:rpm/almalinux/kernel-64kpkg:rpm/almalinux/kernel-64k-corepkg:rpm/almalinux/kernel-64k-debugpkg:rpm/almalinux/kernel-64k-debug-corepkg:rpm/almalinux/kernel-64k-debug-develpkg:rpm/almalinux/kernel-64k-debug-devel-matchedpkg:rpm/almalinux/kernel-64k-debug-modulespkg:rpm/almalinux/kernel-64k-debug-modules-corepkg:rpm/almalinux/kernel-64k-debug-modules-extrapkg:rpm/almalinux/kernel-64k-develpkg:rpm/almalinux/kernel-64k-devel-matchedpkg:rpm/almalinux/kernel-64k-modulespkg:rpm/almalinux/kernel-64k-modules-corepkg:rpm/almalinux/kernel-64k-modules-extrapkg:rpm/almalinux/kernel-abi-stablelistspkg:rpm/almalinux/kernel-corepkg:rpm/almalinux/kernel-cross-headerspkg:rpm/almalinux/kernel-debugpkg:rpm/almalinux/kernel-debug-corepkg:rpm/almalinux/kernel-debug-develpkg:rpm/almalinux/kernel-debug-devel-matchedpkg:rpm/almalinux/kernel-debug-modulespkg:rpm/almalinux/kernel-debug-modules-corepkg:rpm/almalinux/kernel-debug-modules-extrapkg:rpm/almalinux/kernel-debug-uki-virtpkg:rpm/almalinux/kernel-develpkg:rpm/almalinux/kernel-devel-matchedpkg:rpm/almalinux/kernel-docpkg:rpm/almalinux/kernel-headerspkg:rpm/almalinux/kernel-modulespkg:rpm/almalinux/kernel-modules-corepkg:rpm/almalinux/kernel-modules-extrapkg:rpm/almalinux/kernel-rtpkg:rpm/almalinux/kernel-rt-64kpkg:rpm/almalinux/kernel-rt-64k-corepkg:rpm/almalinux/kernel-rt-64k-debugpkg:rpm/almalinux/kernel-rt-64k-debug-corepkg:rpm/almalinux/kernel-rt-64k-debug-develpkg:rpm/almalinux/kernel-rt-64k-debug-modulespkg:rpm/almalinux/kernel-rt-64k-debug-modules-corepkg:rpm/almalinux/kernel-rt-64k-debug-modules-extrapkg:rpm/almalinux/kernel-rt-64k-develpkg:rpm/almalinux/kernel-rt-64k-modulespkg:rpm/almalinux/kernel-rt-64k-modules-corepkg:rpm/almalinux/kernel-rt-64k-modules-extrapkg:rpm/almalinux/kernel-rt-corepkg:rpm/almalinux/kernel-rt-debugpkg:rpm/almalinux/kernel-rt-debug-corepkg:rpm/almalinux/kernel-rt-debug-develpkg:rpm/almalinux/kernel-rt-debug-kvmpkg:rpm/almalinux/kernel-rt-debug-modulespkg:rpm/almalinux/kernel-rt-debug-modules-corepkg:rpm/almalinux/kernel-rt-debug-modules-extrapkg:rpm/almalinux/kernel-rt-develpkg:rpm/almalinux/kernel-rt-kvmpkg:rpm/almalinux/kernel-rt-modulespkg:rpm/almalinux/kernel-rt-modules-corepkg:rpm/almalinux/kernel-rt-modules-extrapkg:rpm/almalinux/kernel-toolspkg:rpm/almalinux/kernel-tools-libspkg:rpm/almalinux/kernel-tools-libs-develpkg:rpm/almalinux/kernel-uki-virtpkg:rpm/almalinux/kernel-uki-virt-addonspkg:rpm/almalinux/kernel-zfcpdumppkg:rpm/almalinux/kernel-zfcpdump-corepkg:rpm/almalinux/kernel-zfcpdump-develpkg:rpm/almalinux/kernel-zfcpdump-devel-matchedpkg:rpm/almalinux/kernel-zfcpdump-modulespkg:rpm/almalinux/kernel-zfcpdump-modules-corepkg:rpm/almalinux/kernel-zfcpdump-modules-extrapkg:rpm/almalinux/libperfpkg:rpm/almalinux/perfpkg:rpm/almalinux/python3-perfpkg:rpm/almalinux/rtlapkg:rpm/almalinux/rvpkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-coco_debug&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6pkg:rpm/suse/kernel-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_6&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_6&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-source-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-syms-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
< 6.11.0-1014.15+ 138 more
- (no CPE)range: < 6.11.0-1014.15
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.rt7.403.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 4.18.0-553.62.1.el8_10
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 5.14.0-570.28.1.el9_6
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2.150600.12.20.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.2.150600.12.20.2
- (no CPE)range: < 6.4.0-28.1.21.6
- (no CPE)range: < 6.4.0-28.1.21.6
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-150600.1.5.1
- (no CPE)range: < 1-150600.13.5.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.1
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.23.47.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- git.kernel.org/stable/c/117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50mitre
- git.kernel.org/stable/c/221cd51efe4565501a3dbf04cc011b537dcce7fbmitre
- git.kernel.org/stable/c/2a29413ace64627e178fd422dd8a5d95219a2c0bmitre
- git.kernel.org/stable/c/438bda062b2c40ddd7df23b932e29ffe0a448cacmitre
- git.kernel.org/stable/c/4dbaa738c583a0e947803c69e8996e88cf98d971mitre
- git.kernel.org/stable/c/653993f46861f2971e95e9a0e36a34b49dec542cmitre
- git.kernel.org/stable/c/9edc7d25f7e49c33a1ce7a5ffadea2222065516cmitre
- git.kernel.org/stable/c/ac18d781466252cd35a3e311e0a4b264260fd927mitre
News mentions
0No linked articles in our index yet.