CVE-2024-49984

Published: Oct 21, 2024Modified: Dec 27, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into.

Affected (3)

Products: Linux: Linux Kernel

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.10.5 to 6.10.14
Linux Linux Kernel	From 6.11 to 6.11.3
Linux Linux Kernel	From 6.8 to 6.10.4

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (3)

https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.