Linux Kernel CEC Message Length Limitation Vulnerability

Vulnerability

A vulnerability in the Linux kernel's media subsystem, specifically within the S5P CEC (Consumer Electronics Control) component, allows for improper handling of message lengths. The issue arises because the message length is not correctly restricted to the maximum allowed size, potentially leading to buffer overflows or other unintended behavior. This vulnerability has been addressed by implementing a check to ensure that message lengths do not exceed the maximum permissible limit.

Impact

Exploitation of this vulnerability could lead to buffer overflow conditions, allowing for arbitrary code execution or causing memory corruption issues.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel CEC Message Length Limitation Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating