CVE-2024-41060

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-41060
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bo_va->bo is non-NULL before using it The call to radeon_vm_clear_freed might clear bo_va->bo, so we have to check it before dereferencing it.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/6fb15dcbcf4f212930350eaee174bb60ed40a536 Patch
https://git.kernel.org/stable/c/8a500b3a5f0a58c6f99039091fbd715f64f2f8af Patch
https://git.kernel.org/stable/c/a2b201f83971df03c8e81a480b2f2846ae8ce1a3 Patch
https://git.kernel.org/stable/c/a9100f17428cb733c4f6fbb132d98bed76318342 Patch
https://git.kernel.org/stable/c/e8d3c53c6f1cccea9c03113f06dd39521c228831
https://git.kernel.org/stable/c/f13c96e0e325a057c03f8a47734adb360e112efe Patch
https://git.kernel.org/stable/c/6fb15dcbcf4f212930350eaee174bb60ed40a536 Patch
https://git.kernel.org/stable/c/8a500b3a5f0a58c6f99039091fbd715f64f2f8af Patch
https://git.kernel.org/stable/c/a2b201f83971df03c8e81a480b2f2846ae8ce1a3 Patch
https://git.kernel.org/stable/c/a9100f17428cb733c4f6fbb132d98bed76318342 Patch
https://git.kernel.org/stable/c/f13c96e0e325a057c03f8a47734adb360e112efe Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*
History

03 Nov 2025, 22:17

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html -

03 Nov 2025, 21:16

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html -

02 Feb 2025, 11:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/e8d3c53c6f1cccea9c03113f06dd39521c228831 -
Information

Published : 2024-07-29 15:15

Updated : 2025-11-03 22:17

NVD link : CVE-2024-41060

Mitre link : CVE-2024-41060

CVE.ORG link : CVE-2024-41060

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference