CVE-2024-49984

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2	Patch
https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e	Patch
https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

27 Dec 2024, 13:15

Type	Values Removed	Values Added
References	~~{'url': 'https://git.kernel.org/stable/c/73ad583bd4938bf37d2709fc36901eb6f22f2722', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~

Information

Published : 2024-10-21 18:15

Updated : 2024-12-27 13:15

NVD link : CVE-2024-49984

Mitre link : CVE-2024-49984

CVE.ORG link : CVE-2024-49984

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2024-49984", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-10-21T18:15:18.873", "references": [{"url": "https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Prevent out of bounds access in performance query extensions\n\nCheck that the number of perfmons userspace is passing in the copy and\nreset extensions is not greater than the internal kernel storage where\nthe ids will be copied into."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/v3d: Evitar el acceso fuera de los l\u00edmites en las extensiones de consulta de rendimiento. Compruebe que la cantidad de espacio de usuario de perfmons que pasa en las extensiones de copia y restablecimiento no sea mayor que el almacenamiento interno del kernel donde se copiar\u00e1n los identificadores."}], "lastModified": "2024-12-27T13:15:20.990", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8B935B3-1FAC-4502-A5BA-A3C286A20469", "versionEndExcluding": "6.10.4", "versionStartIncluding": "6.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7434BF03-F3C3-4CD7-AF0B-397AF34727DA", "versionEndExcluding": "6.10.14", "versionStartIncluding": "6.10.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9", "versionEndExcluding": "6.11.3", "versionStartIncluding": "6.11"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}