VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-c44q-jcs3-qfhj

Essentials
Severities (9)
References (14)
Severity details (6)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-c44q-jcs3-qfhj
Aliases	CVE-2024-26876
Summary	In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511_probe(). If an IRQ already is pending during adv7511_probe (before adv7511_cec_init) then cec_received_msg_ts could crash using uninitialized data: Unable to handle kernel read from unreadable memory at virtual address 00000000000003d5 Internal error: Oops: 96000004 [#1] PREEMPT_RT SMP Call trace: cec_received_msg_ts+0x48/0x990 [cec] adv7511_cec_irq_process+0x1cc/0x308 [adv7511] adv7511_irq_process+0xd8/0x120 [adv7511] adv7511_irq_handler+0x1c/0x30 [adv7511] irq_thread_fn+0x30/0xa0 irq_thread+0x14c/0x238 kthread+0x190/0x1a8
Status	Published
Exploitability	0.5
Weighted Severity	4.0
Risk	2.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-364

Signal Handler Race Condition

System	Score	Found at
cvssv3	4.4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26876.json
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-26876
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-26876
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-26876
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://git.kernel.org/stable/c/28a94271bd50e4cf498df0381f776f8ea40a289e
ssvc	Track	https://git.kernel.org/stable/c/50f4b57e9a9db4ede9294f39b9e75b5f26bae9b7
ssvc	Track	https://git.kernel.org/stable/c/955c1252930677762e0db2b6b9e36938c887445c
ssvc	Track	https://git.kernel.org/stable/c/aeedaee5ef5468caf59e2bb1265c2116e0c9a924

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26876.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-26876
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26876
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2275699		https://bugzilla.redhat.com/show_bug.cgi?id=2275699
28a94271bd50e4cf498df0381f776f8ea40a289e		https://git.kernel.org/stable/c/28a94271bd50e4cf498df0381f776f8ea40a289e
50f4b57e9a9db4ede9294f39b9e75b5f26bae9b7		https://git.kernel.org/stable/c/50f4b57e9a9db4ede9294f39b9e75b5f26bae9b7
955c1252930677762e0db2b6b9e36938c887445c		https://git.kernel.org/stable/c/955c1252930677762e0db2b6b9e36938c887445c
aeedaee5ef5468caf59e2bb1265c2116e0c9a924		https://git.kernel.org/stable/c/aeedaee5ef5468caf59e2bb1265c2116e0c9a924
USN-6816-1		https://usn.ubuntu.com/6816-1/
USN-6817-1		https://usn.ubuntu.com/6817-1/
USN-6817-2		https://usn.ubuntu.com/6817-2/
USN-6817-3		https://usn.ubuntu.com/6817-3/
USN-6878-1		https://usn.ubuntu.com/6878-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26876.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:40:11Z/ Found at https://git.kernel.org/stable/c/28a94271bd50e4cf498df0381f776f8ea40a289e

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:40:11Z/ Found at https://git.kernel.org/stable/c/50f4b57e9a9db4ede9294f39b9e75b5f26bae9b7

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:40:11Z/ Found at https://git.kernel.org/stable/c/955c1252930677762e0db2b6b9e36938c887445c

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:40:11Z/ Found at https://git.kernel.org/stable/c/aeedaee5ef5468caf59e2bb1265c2116e0c9a924

Exploit Prediction Scoring System (EPSS)

Percentile	0.04936
EPSS Score	0.00018
Published At	June 5, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:50:04.074063+00:00	Debian Importer	Import	https://security-tracker.debian.org/tracker/data/json	38.6.0